OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Aliaga, Alberto (Alberto.Aliaga_at_cwe.cwplc.com)
Date: Tue Aug 13 2002 - 05:56:32 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi Harald,

            I would like to thank you for comment about the generator
    fwlogwatch, It may be interesting for my issue. As well, I would like to
    apologize for sending my question to this list in spanish, I did not know
    that this list is a only english-spoken list. By the way, It seems that the
    --log-prefix option in LOG target is a good option to select iptables logs
    from facility kernel.*, as long as you use a specific enough prefix.

            Thank you for all
     

    Alberto Aliaga Zapata
    Dpto. de Sistemas

    CABLE & WIRELESS
    Delivering the Internet PromiseTM
    www.cw.com/es

    Email: alberto.aliagacw.com
    Tel.: +34 93 264 05 34
    Fax: +34 93 264 05 39
     

    -----Mensaje original-----
    De: Harald Nikolisin [mailto:harald.nikolisinsofistik.de]
    Enviado el: Tuesday, August 13, 2002 12:10 PM
    Para: SuSE Security Discussion (E-mail)
    Asunto: Re: [suse-security] asignar una facility propia al target LOG de
    iptables

    hi list, hi alberto

    because this is a english-spoken list, all people prefer you use rather a
    bad
    english (as me) as a perfect spanish.

    I hope I understand everything. you want to pipe all logged entries from
    IPTABLES to a specific log-file. you know the switch "-j LOG" and that you
    are able to filter all kernel related stuff (kern.*) into a special log file

    (like /var/log/firewall) which is controlled by the syslog.conf
    but this is not enough for you.

    I also searched without success for that topic in the excellented
    firewall/IPTables book from Wolfgang Barth. maybe he is on the list and can
    give a hint?

    but a good solution is for me to filter the /var/log/firewall with the
    generator fwlogwatch (output also in html possible).

    http://cert.uni-stuttgart.de/projects/fwlogwatch/

    the html-output is very useful to get a quick overview.

    Am Dienstag, 13. August 2002 11:13 schrieb Aliaga, Alberto:
    > Hola a todos,
    >
    > Alguien sabe si es posible asignar una nueva facility al syslogd
    > para los registros del target -j LOG de iptables. Sé que se puede añadir
    un
    > prefijo a la target del iptables y así poder filtrarlos de la facility
    > kernel pero esto no me es suficiente.
    >
    >
    > Gracias por vuestra ayuda.
    >
    > Alberto Aliaga Zapata
    > Dpto. de Sistemas
    >
    > CABLE & WIRELESS
    > Delivering the Internet PromiseTM
    > www.cw.com/es
    >
    > Email: alberto.aliagacw.com
    > Tel.: +34 93 264 05 34
    > Fax: +34 93 264 05 39 

    -- 
Mit freundlichen Grüssen / With kind regards

    Dipl.-Ing. Harald Nikolisin
SOFiSTiK AG (Entwicklung)

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here