What is the easiest way to have only pptpd, and ppp messages log to
their own file? I am trying to figure out how to do this with syslog.
Thanks for any help,
PS: Originally I forgot to post this to the list. Does anyone else have
any ideas about having *just* ppp, and pptpd messages in their own
logfile, without other loglevel info?
Bruce Garlock wrote:
> Ray Van Dolson wrote:
>> ip-up only runs when a user successfully authenticates (it's run when the
>> ppp link is brought up). So I don't think that would help you. If
>> running a Radius server you might be able to tell it to enforce this sort
>> of thing.
> I may give the Radius route a try.
>> Another solution would be to write a script that monitors your
>> /var/log/messages file for the client IP, and then keep track of
>> whether or
>> not connections from that IP authenticate or fail to authenticate. You
>> could then have this script modify chap/pap secrets as necessary to
>> an account.
> I was actually just thinking of using swatch to monitor the messages
> file. I have been looking at how the log file is produced when a user
> logs on, and when one fails, and will probably write something this way.
> Anyone else have any better ideas for this?
> - Bruce
>> Maybe someone will have a better idea :)
>> On Thu, Dec 23, 2004 at 10:20:47AM -0500, Bruce Garlock wrote:
>>> I am searching for ways to limit the number of failed logon attempts to
>>> our pptp server. I am wondering if the maxfail option can be used to do
>>> this. I would also like to add the IP address of the failed client, to
>>> be blacklisted, and an email sent to the admin of the pptp server.
>>> Does anyone have any script that can help me out with this? I would
>>> like to know what variables I can use in my script to do this.
>>> Also, Does /etc/ppp/ip-up run before or after the user authenticates?
>>> Is there any script that runs before the user authenticates? What
>>> variable is the IP address of the client assigned, so I can pass that to
>>> another script to have them blacklisted?
>>> Thanks for any help on this..
>>> - Bruce
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> Poptop-server mailing list