ipchains -L , will tell you the current rules, if it's empty then it isn't active and yeah logging them in /var/log/messages and then probably tail -f | grepping the firewall logs parameters and redirecting it to another file, and then another shell script who keeps watching that output file, if it doesnt change withing a minute or so then produce an alert, can be done via some awk or cut to cut out the file size out of ls -al. DAMN that's such a brainstorm, I'll work on that for myself as soon as i get some time. =)
Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk --- Nick Lindsell <[EMAIL PROTECTED]> wrote: >At 10:28 09/07/2002 -0400, you wrote: >>On Tue, 2002-07-09 at 10:27, Shaw, Marco wrote: >> > We use HP ITO/VPO at work. I'm trying to figure out how we can monitor >> ipchains, and make sure it's running. I see nothing shows up in ps >> related to ipchains, probably since it runs as a kernel module. >> > >> > Any ideas on how we can monitor ipchains or even iptables with a >> corporate management tool? Just trying to figure out if someone has >> already done this. I've got ideas like creating a special shell script >> for Linux/ipchains monitoring... >> > >> > Marco >> > >>I'm not sure about the monitoring part, but to make sure ipchains is >>running just run the command "/sbin/lsmod". It should show up in the >>list of mods running. > >Use the "log" ( - l ) argument to ipchains when you set your firewall up. >Then watch /var/log/messages overflow........... > > > > >>-Jon >> >> >> >>_______________________________________________ >>Redhat-list mailing list >>[EMAIL PROTECTED] >>https://listman.redhat.com/mailman/listinfo/redhat-list > > > >_______________________________________________ >Redhat-list mailing list >[EMAIL PROTECTED] >https://listman.redhat.com/mailman/listinfo/redhat-list _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with [EMAIL PROTECTED] by Everyone.net http://www.everyone.net/?btn=tag _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
