Re: [fwAnalog] fwanalog sample report

From: Balázs Bárány (balazs~AT~tud.at)
Date: Mon Aug 19 2002 - 23:58:50 CEST



Hi,

You have to change your block rules so that they log the log prefix.

Don't use spaces in your log prefixes except at the end, like in my examples below.

iptables -A badhosts $log_limit -j LOG --log-prefix 'badhost '

iptables -A spoofed -i $iface_inet -s $address -j LOG --log-prefix 'spoofed_src_in '

iptables -A nmap -p tcp --tcp-flags SYN,RST SYN,RST $log_limit -j LOG --log-prefix 'nmap_syn/rst_scan '

iptables -A INPUT -i $iface_inet $log_limit -j LOG --log-prefix 'unspecified_in '

Regards

-- 
_________________________________________________________________________
Balázs Bárány       balazs~AT~tud.at        http://tud.at       ICQ 10747763

A good engineer will make considerable effort to avoid additional effort.


This archive was generated by hypermail 2.1.4 : Tue Aug 20 2002 - 00:02:03 CEST