Thus spake Penguin:
> I am a complete beginner to firewalls, I would like to know if they can do
> these things:
>
> - record history of packets grouping by port number, TCP or UDP (or
> whatever?), data size if any, and any suspicious things like ICMP flood.
>
> - record the actual data as a packet sniffer for a PPP link (my dialup
> modem). I am suspicious of what's going on. I want to see ALL that stuff
> moving over my link, printing it to a file or perhaps sending it to my
> PostgreSQL db in tables where I can select by PASS: USER: etc etc and of
> course just inspect the raw data.
>
> Also, need a tut for writing firewall rules. Got to be for a really stupid
> beginner who knows nothing! :)

iptables, using the 2.4.x kernels, has a LOG option. Google search for
iptables firewall HOWTO should get you what you need, there are literally
tons out there.

If you're using potato, then the tool you're looking for is ipchains -
never used it myself, but I think it does most of the same things.

Steve

--
Remember though that
THERE IS NO GENERAL RULE FOR CONVERTING A LIST INTO A SCALAR.
 -- Larry Wall in the perl man page
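Added example, not part of the original message: a small Python tally of the kernel lines an iptables LOG rule writes, grouped by protocol and destination port as the first question asks, plus a per-source count of ICMP echo requests. The LOG rule in the comment, the `FW-IN: ` prefix, the sample lines and the function names are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample: kernel lines as written by an assumed rule
#   iptables -A INPUT -i ppp0 -j LOG --log-prefix "FW-IN: "
# Prefix, host name and addresses are made up for this example.
SAMPLE_LOG = """\
Jan 12 10:01:02 host kernel: FW-IN: IN=ppp0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 12 10:01:03 host kernel: FW-IN: IN=ppp0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40113 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 12 10:01:05 host kernel: FW-IN: IN=ppp0 OUT= MAC= SRC=192.0.2.44 DST=198.51.100.5 LEN=78 TOS=0x00 PREC=0x00 TTL=113 ID=901 PROTO=UDP SPT=137 DPT=137 LEN=58
Jan 12 10:01:07 host kernel: FW-IN: IN=ppp0 OUT= MAC= SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
Jan 12 10:01:07 host kernel: FW-IN: IN=ppp0 OUT= MAC= SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=2
Jan 12 10:01:09 host pppd[311]: Connect: ppp0 <--> /dev/ttyS1
"""

def parse_line(line):
    """Return the KEY=value fields of one LOG line, or None for other lines."""
    fields = {}
    for key, value in re.findall(r"\b([A-Z]+)=(\S*)", line):
        # UDP lines repeat LEN and ICMP lines repeat ID; the first
        # occurrence is the IP header value, so keep that one.
        fields.setdefault(key, value)
    return fields if "PROTO" in fields and "LEN" in fields else None

def summarize(text):
    """Map (protocol, destination port) to (packet count, total IP bytes)."""
    totals = defaultdict(lambda: [0, 0])
    for line in text.splitlines():
        f = parse_line(line)
        if f is None:
            continue
        port = int(f["DPT"]) if "DPT" in f else None  # ICMP has no ports
        totals[(f["PROTO"], port)][0] += 1
        totals[(f["PROTO"], port)][1] += int(f["LEN"])
    return {key: tuple(value) for key, value in totals.items()}

def echo_requests_by_source(text):
    """Count ICMP echo requests (TYPE=8) per source address."""
    counts = defaultdict(int)
    for line in text.splitlines():
        f = parse_line(line)
        if f and f["PROTO"] == "ICMP" and f.get("TYPE") == "8":
            counts[f["SRC"]] += 1
    return dict(counts)

if __name__ == "__main__":
    for key, (packets, size) in sorted(summarize(SAMPLE_LOG).items(), key=str):
        print(key, packets, "packets,", size, "bytes")
    print(echo_requests_by_source(SAMPLE_LOG))
```

The LOG target records packet headers only, so this covers the per-port history in the first question, not the payload capture in the second.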