Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security] Susefirewall2 weblogger
  • From: Bruno Cochofel <bruno.cochofel@xxxxxxxxx>
  • Date: Mon, 03 Oct 2005 23:37:51 +0100
  • Message-id: <4341B2BF.5070808@xxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've made the changes that you explain but nothing happens on the
console and there's some activity on the log file...
If I don't have the session support or DBI and mysql in the Perl
config will it give me any error? 'Cos the script runs without
complains...

Markus Heidinger wrote:

>Bruno Cochofel wrote at Monday, October 03, 2005 11:14 AM
>
>>I found a weblogger that comes with support for susefirewall but I
>>can't seem to get this right...
>>
>>Can someone help me on this?
>>
>>Iptables logs can be found at: http://www.gege.org/iptables/
>
>
>I had never heard of this before but immediately tried it out ;-) ... It was
>a littly bit hard to get it rununing, but now it works, with slightly
>amended scripts for feeding the log entries into the database. What you need
>ast first is to install session support and DBI for mysql for Perl.
>
>Furthermore the init script provided with the package does not work, first
>try to start the script from a console without any options and it will print
>all entries to the console as well as insert it into the database.
>
>Script "feed_db.pl" has to be changed as follows to get the correct entries
>into the correct database columns:
>
>############################################################################
>####
>################# C O N F I G S E C T I O N
>#############
>############################################################################
>####
>
>my $dsn = 'DBI:mysql:iptables:srv-mdh-001.mh-infoman.loc';
>my $db_user_name = 'iptables_admin';
>my $db_password = '********';
># Password here ^^^^^^^^
>my $log_file = '/var/log/firewall';
> ^^^^^^^^^^^^^^^^^^
>my $pid_file = "/var/run/iptablelog.pid";
>
>[...]
>
>while (<LOG_FILE>) {
># if (!/$log_tag/) { next; }
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> my(@entry_split)=split / +/;
> my(%entry);
>
>[...]
>
># shift(@entry_split); # [IPTABLES
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> my($chain_name)=shift(@entry_split); # DROP]
># $chain_name=~s/\]//;
>^^^^^^^^^^^^^^^^^^^^^^^
># shift(@entry_split); # :
>^^^^^^^^^^^^^^^^^^^^^^^^^^^
> foreach (@entry_split) {
> if (/(.*)=(.*)/) {
> (my($field),my($value))=split /=/;
> $entry{$field}=$value;
> }
> }
>
>[...]
>
>(Only relevant sections shown above, leave anything else unchanged!)
>
>Now the entries should occur in the database.
>I did not yet amend the init script, try to run it by "startproc -s
>/usr/local/bin/feed_db.pl &> /dev/null".
>
>HTH,
>Best regards,
>
>Markus
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org

iD8DBQFDQbK/vug0e/DKR7kRAg+PAJwP6fAE4TLQrrLPPotjc+k6TMpRzACfWF8Q
sKqEYaQ53aVQIXBmEc2F2Ts=
=q9cP
-----END PGP SIGNATURE-----

< Previous Next >
References