Re: [Fwbuilder-discussion] Iptables logging with fwbuilder
From: <va...@vk...> - 2006-09-14 01:39:15
On Sep 13, 2006, at 7:09 AM, Alejandro Kurchis wrote:

> Dear all, I've built an iptables firewall with fwbuilder, this tool is
> really wonderful. But I have these two short questions related to event
> logging:
>
> 1) If I use ULOG logging, does fwbuilder let me put the logs on another
> server with a MySQL DB, or does it just let me put the logs on the local
> host, which must run a MySQL DB?
>

Here is what the ULOG target of iptables does:

    ULOG
        This target provides userspace logging of matching packets. When
        this target is set for a rule, the Linux kernel will multicast
        this packet through a netlink socket. One or more userspace
        processes may then subscribe to various multicast groups and
        receive the packets. Like LOG, this is a "non-terminating
        target", i.e. rule traversal continues at the next rule.

fwbuilder helps you configure iptables. If you wish to do logging with ULOG, you can use fwbuilder to configure iptables that way. What you do with logs is up to you. You need something to capture logs sent by the kernel via netlink socket, but that program is not fwbuilder, it should be something else.

> 2) Which Linux package may I use in order to view iptables logs with
> syslog and/or with ulog in a web interface? I tried a couple of
> packages like weblog before and I didn't succeed... maybe you can tell
> me one or two new options to try.
>

We have a couple of scripts in the "Contrib" area of our project on Sourceforge, but these scripts are not very elaborate and do not have their own GUI etc. Maybe other users can share their experience working with logs?

--vk