Koozali.org: home of the SME Server

Obsolete Releases => SME Server 6.x => Topic started by: haj on June 22, 2006, 03:52:07 AM

Title: FirewalEyes and Iptables
Post by: haj on June 22, 2006, 03:52:07 AM

hello,

I want to setup firewalleyes (http://firewalleyes.creabilis.com/) it needs access to an iptable log file where logs should be formated like this:

Sep 24 04:03:17 host kernel: RULE 16 -- DENY IN=eth1 OUT=eth2 SRC=192.168.0.10 DST=10.3.3.25 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=45323 DF PROTO=TCP SPT=1549 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0

for that it seems I need a rule like:

iptables -A RULE_3 -j LOG --log-level info --log-prefix "RULE 3 -- ACCEPT "

To be honnest, I don't know much about Iptables ,how it is configured and how to configure it on SME.

Seems masq Logging options are not documented (yet?) and I have noticed that line in ulogd : /sbin/iptables --replace denylog 4 --jump ULOG --ulog-prefix "drop:"

I am running SME 6.5.

Thanks in advance.

Title: FirewalEyes and Iptables
Post by: kruhm on June 27, 2006, 07:19:45 AM

possibly: http://no.longer.valid/phpwiki/index.php/SecurityFAQ#firewall3