On 01/29/2012 07:50:54 PM, Harry Putnam wrote:
> I'd like to be able to see what is coming at me... But I'm too chicken
> and inexperienced to put an openwrt powered router (TP-Link-WR1043ND)
> I'm fiddling with in as the lan gateway router connected to
> direct.path satellite modem.
>
> I have a cisco-linksys WRT120N doing that job.
>
> However that router has no builtin system for mailing logs. You have
> to go thru a routine of viewing/saving etc.
>
> I'd like to have iptables able to see all that is coming at me but
> only for logging purposes. Maybe put the openwrt powered router in
> as a sort of DMZ, but not the normal way a DMZ is used. Just the
> barest firewall that allows one to log everything that is suspected
> of being malicious, and block everything inbound of that nature.
>
> So I'm thinking to chain the wan port of the openwrt router to the lan
> router. Open one lan port to mail logs... and find some help on an
> appropriate firewall.
>
> Then on the lan router set the openwrt router as DMZ.

How are you going to get the info from the cisco to the openwrt box? I don't know the cisco but I bet you're not, at least not in a way that feeds network data into iptables. You could script the openwrt to screen-scrape the cisco's logs, but that's a kludge.

That only leaves 2 choices. You could put the openwrt box between the cisco and the lan, in which case you may as well connect the openwrt directly to your satellite modem and throw the cisco out. Or you can buy a hardware ethernet tap to put between the cisco and the satellite modem and then plug the openwrt both into the lan (for communications) and the tap (for monitoring).

Karl <[email protected]>
Free Software: "You don't pay back, you pay forward."
                 -- Robert A. Heinlein
