Hello all,

we have been using Firewall on CD for a while now, but one of our customers wants to log the traffic amount (like NTOP or iptraf, for example). Since this distribution is on a CD, we can't install additional programs (surprise! ;) ). We don't want to install another machine as host for a logging program, so is it possible to use the IP-Chains log for traffic logging purposes, or is there a program on the Firewall on CD which is suitable for this?

Thanks,
Alexander Reach

* Alexander Reach (reach@martinsfeld.de) [011106 09:35]:
> Since this distribution is on a CD, we can't install additional programs (surprise! ;) ).

Well, you can add a second cdrom drive with additional but that's a little ugly.

> We don't want to install another machine as host for a logging program, so is it possible to use the IP-Chains log for traffic logging purposes, or is there a program on the Firewall on CD which is suitable for this?

There really isn't anything on the CD like iptraf or ntop in the interest of only having absolutely necessary software on the firewall. ipchains logging only logs the headers for matched packets which really isn't what you are looking for probably.

If you do add a separate logging host, another customer had an interesting solution to this: he configured a separate logging machine outside of the firewall and cut the transmit pair in the cat5 cable...it never occurred to me anyway.

--
-ckm

On Tue, 6 Nov 2001 10:33:10 -0800 Christopher Mahmood wrote:
> * Alexander Reach (reach@martinsfeld.de) [011106 09:35]:
> > Since this distribution is on a CD, we can't install additional programs (surprise! ;) ).
>
> Well, you can add a second cdrom drive with additional but that's a little ugly.
>
> > We don't want to install another machine as host for a logging program, so is it possible to use the IP-Chains log for traffic logging purposes, or is there a program on the Firewall on CD which is suitable for this?
>
> There really isn't anything on the CD like iptraf or ntop in the interest of only having absolutely necessary software on the firewall. ipchains logging only logs the headers for matched packets which really isn't what you are looking for probably.
>
> If you do add a separate logging host, another customer had an interesting solution to this: he configured a separate logging machine outside of the firewall and cut the transmit pair in the cat5 cable...it never occurred to me anyway.

Beware doing this though, as it will not work on a lot of switches, as the link tests do not correctly function. Should work fine on hubs though. You are probably better running a log host over serial if you want it to be invisible...

--
Have fun
Nix - nix@susesecurity.com
http://www.susesecurity.com

Well, I don't really know, but doesn't iptables -L -v give you the statistics you are looking for?

Greetings,
Stefan Nauber

Cs2 Informatik GmbH & Co. KG - Niederlassung West -
Kurfürstenanlage 3
69115 Heidelberg
Germany
Tel.: +49 (6221) 6041-0
Fax : +49 (6221) 6041-50
Email: mailto:stefan.nauber@cs2-informatik.de
Internet: http://www.cs2-informatik.de
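
Following up on the suggestion above to read the rule counters, this added example (not part of any post in the thread) totals the packet and byte counters per chain from iptables -L -v -n -x output. The sample listing is constructed, sample_counters and chain_totals are names chosen here, and it assumes iptables and awk are available on the firewall.

```shell
#!/bin/sh
# Per-chain traffic totals from `iptables -L -v -n -x` output.
# -x prints exact counters instead of rounded K/M/G values.

# Constructed sample listing (not taken from a real host).
sample_counters() {
cat <<'EOF'
Chain INPUT (policy DROP 12 packets, 960 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     150    18000 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
      40     2400 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain FORWARD (policy DROP 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    9000  7200000 ACCEPT     all  --  eth1   eth0    192.168.1.0/24       0.0.0.0/0
    8500  9100000 ACCEPT     all  --  eth0   eth1    0.0.0.0/0            192.168.1.0/24

Chain OUTPUT (policy ACCEPT 300 packets, 45000 bytes)
    pkts      bytes target     prot opt in     out     source               destination
EOF
}

# Reads a listing on stdin, prints "CHAIN packets bytes" per chain.
# Rule counters plus the chain policy counters are summed; a rule with a
# non-terminating target such as LOG counts the same packet again.
chain_totals() {
  awk '
    $1 == "Chain" {
      chain = $2; names[++n] = chain
      pkts[chain] = 0; bytes[chain] = 0
      # Policy counters look like: (policy DROP 12 packets, 960 bytes)
      for (i = 4; i <= NF; i++) {
        if ($i ~ /^packets/) pkts[chain] += $(i - 1)
        if ($i ~ /^bytes/)   bytes[chain] += $(i - 1)
      }
      next
    }
    # Rule lines start with two integers: pkts and bytes.
    $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ { pkts[chain] += $1; bytes[chain] += $2 }
    END {
      for (i = 1; i <= n; i++)
        printf "%s %.0f %.0f\n", names[i], pkts[names[i]], bytes[names[i]]
    }
  '
}

sample_counters | chain_totals
```

On a live firewall the input would come from iptables -L -v -n -x run as root; recording the totals at intervals and subtracting consecutive readings gives the traffic volume per interval.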

participants (4): Alexander Reach, Christopher Mahmood, Peter Nixon, Stefan Nauber