From: Mike Sassaman (msassaman~AT~strategictele.com)
Date: Thu Jun 10 2004 - 18:39:24 CEST
I have installed fwanalog for the first time, and so far it appears to be working as designed, which is to say, I like it.
My goal is this: I'm sending my iptables firewall logs to a syslog server, and from there I would like fwanalog to be able to chart the outgoing web surfing traffic from my LAN, broken down per private IP, showing destination website address.
To this end I have added a logging rule to my firewall:
iptables -I PrivWan -s *privateLAN* -d 0.0.0.0/0 -p tcp --destination-port 80 -j LOG --log-prefix web_out
This rule is logging what I need, the source and dest IPs of all outgoing web traffic.
The current fwanalog report setup shows me the outgoing web traffic, and the source address, but not the destination. Is this something that can be easily done by someone who is not versed in perl? If so, how? None of the settings in the docs appear to address this scenario.
Thanks for any replies,
This archive was generated by hypermail 2.1.5 : Fri Jun 11 2004 - 16:22:03 CEST