On Sat, Apr 24, 1999 at 12:14:05PM -0400, Paul Tod Rieger wrote: > > Or should I filter them out with "grep -v" or such? This leads to > another question, one more relevant to the list: >
Just deny them without the "-o" (log) option before the deny-all -o > Are there any web-enabled apps that would allow me to monitor my server > from a web browser on another machine? My firewall is also a webserver, > so I'd like to use that capability to check the console and other logs. To see e.g. /var/log/messages from a browser I have written a short cgi-bin script in bash. As the apache server runs as www-data user (Debian 2.0) you must add www-data user to the group adm (the one with read access to the logs in Debian 2.0) THE SCRIPT: #!/bin/bash # # Frame to show /var/log/messages # exec 2>&1 # Redirect errors to stdout ( Thanks to Luis Colorado ;) # NEXT TWO LINES ARE OBLIGATORY FOR CGI-BIN echo Content-type: text/plain echo echo "/var/log/messages:" cat /var/log/messages ############################# THE END ################################## NOTE: I think this has two disavantages: 1- ANYONE in your lan can read the logs. 2- If someone breaks into your system via the web server he can read the logs... If you give no web service to inet and your internal network is safe no problem. - What do you think about this (safety of the toy)? Best regards, -- -------------------------------- Manel Marin e-mail: [EMAIL PROTECTED] Linux Powered (Debian 2.0) --------------------------------
