Package: epylog
Version: 1.0.7-2
Severity: normal
Tags: upstream patch
Hello!
The packet module does not find iptables log entries if they do not
have a 'MAC' entry. When a packet is rejected or dropped, no MAC
address will be logged. So these very interesting packets never
show in epylog packet reports.
Appended you will find a patch to make the MAC address optional.
Best Regards,
Olaf Ohlenmacher
-- System Information:
Debian Release: 7.0
APT prefers stable
APT policy: (990, 'stable'), (900, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/modules/packets_mod.py b/modules/packets_mod.py
index cdc6590..de9a827 100644
--- a/modules/packets_mod.py
+++ b/modules/packets_mod.py
@@ -43,7 +43,7 @@ class packets_mod(InternalModule):
self.logger = logger
rc = re.compile
iptables_map = {
- rc('IN=\S*\sOUT=\S*\sMAC=\S*\sSRC=\S*\sDST=\S*\s'): self.iptables
+ rc('IN=\S*\sOUT=\S*\s(MAC=\S*\s)?SRC=\S*\sDST=\S*\s'): self.iptables
}
ipchains_map = {
rc('Packet\slog:\s.*PROTO.*'): self.ipchains
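Review bot: the added `(MAC=\S*\s)?` in the `iptables_map` key is a capturing group, where the original pattern had none. If nothing needs the matched MAC text, write it as `(?:MAC=\S*\s)?` so that group numbering for this pattern stays as it was. The pattern is also still a plain string literal containing `\S` and `\s`; since the line is being changed anyway, a raw string (`rc(r'IN=\S*\sOUT=...')`) would avoid relying on Python passing unrecognised escapes through unchanged. A sample log line without `MAC=` in the report would also make the fix easy to verify.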