Mailinglist Archive: opensuse-security (232 mails)

< Previous Next >
Re: [suse-security] Susefirewall2 weblogger
  • From: Bruno Cochofel <bruno.cochofel@xxxxxxxxx>
  • Date: Mon, 03 Oct 2005 23:09:10 +0100
  • Message-id: <4341AC06.8030604@xxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for all...
Now my problem... I'm not that good with perl, so how can I install
session support and DBI on Perl? I think I've got this right, there's
nothing to do with mysql, right? Only the support for perl...

Markus Heidinger wrote:

> Bruno Cochofel wrote at Monday, October 03, 2005 11:14 AM
>
>> I found a weblogger that comes with support for susefirewall but
>> I can't seem to get this right...
>>
>> Can someone help me on this?
>>
>> Iptables logs can be found at: http://www.gege.org/iptables/
>
>
> I had never heard of this before but immediately tried it out ;-)
> ... It was a littly bit hard to get it rununing, but now it works,
> with slightly amended scripts for feeding the log entries into the
> database. What you need ast first is to install session support and
> DBI for mysql for Perl.
>
> Furthermore the init script provided with the package does not
> work, first try to start the script from a console without any
> options and it will print all entries to the console as well as
> insert it into the database.
>
> Script "feed_db.pl" has to be changed as follows to get the correct
> entries into the correct database columns:
>
> ############################################################################
> #### ################# C O N F I G S E C T I O N
> #############
> ############################################################################
> ####
>
> my $dsn = 'DBI:mysql:iptables:srv-mdh-001.mh-infoman.loc'; my
> $db_user_name = 'iptables_admin'; my $db_password = '********'; #
> Password here ^^^^^^^^ my $log_file = '/var/log/firewall';
> ^^^^^^^^^^^^^^^^^^ my $pid_file = "/var/run/iptablelog.pid";
>
> [...]
>
> while (<LOG_FILE>) { # if (!/$log_tag/) { next; }
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ my(@entry_split)=split / +/;
> my(%entry);
>
> [...]
>
> # shift(@entry_split); # [IPTABLES
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> my($chain_name)=shift(@entry_split); # DROP] #
> $chain_name=~s/\]//; ^^^^^^^^^^^^^^^^^^^^^^^ #
> shift(@entry_split); # : ^^^^^^^^^^^^^^^^^^^^^^^^^^^ foreach
> (@entry_split) { if (/(.*)=(.*)/) { (my($field),my($value))=split
> /=/; $entry{$field}=$value; } }
>
> [...]
>
> (Only relevant sections shown above, leave anything else
> unchanged!)
>
> Now the entries should occur in the database. I did not yet amend
> the init script, try to run it by "startproc -s
> /usr/local/bin/feed_db.pl &> /dev/null".
>
> HTH, Best regards,
>
> Markus
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org

iD8DBQFDQawGvug0e/DKR7kRAo6HAJ9jr7eCUDw8B7lBs86MKsm6kyvJhACgi9zl
U6TUaPq/dhA2pAOnBF4usVM=
=IEDm
-----END PGP SIGNATURE-----

< Previous Next >
Follow Ups
References