On 29/05/2004 Gian Piero Carrubba wrote: > As said, I don't use firehol, so I can't help about how you can do that, > nevertheless I'm sure you can. > Generally speaking, you need a kernel with support for ulog target and > netlink device, a running ulogd daemon and an iptables rule that > redirect packages to ULOG target (instead of LOG).
ok, so loaded the ipt_ULOG module, and installed ulogd, but now i don't know how to go on. > With ulogd you can log to a specified file or to a running sql server > (mysql and postgres supported, not sure about others). Can't remember if > other possibilities allowed (they are enough for my needs). mh, i think logging all the reject/drop notes like the one at the initial threat post to one specified file would be interesting. Any idea how to simply direct all iptables messages to ulog? > As a side note, unless corrected in the last release, due to some > changes the ulogd daemon present in woody can't work with kernels > > 2.4.17 (or .16 ?), so if you use woody and a kernel > 2.4.(17|16) you > need a backported ulogd. ah, thanks for the info. anyway, i'm using debian/sarge and kernel 2.4.26. bye jonas
