On 1/1/07, Patrick Ben Koetter [EMAIL PROTECTED] wrote:
I run a sloppy modified version from a p0f-init-skript that Dag Wieers
created. You can download it here:
http://postfix.state-of-mind.de/patrick.koetter/p0f
Feel free to improve it. ;)
And so I've tried:
On 1/1/07, Patrick Ben Koetter [EMAIL PROTECTED] wrote:
I run a sloppy modified version from a p0f-init-skript that Dag Wieers
created. You can download it here:
http://postfix.state-of-mind.de/patrick.koetter/p0f
Feel free to improve it. ;)
Thanks!
--
-ste
Has anyone come up with a clean way of starting and stopping p0f
p0f-analyzer? On my CentOS 4.4 system, there is an init.d script for
p0f, but that's to use it standalone, logging to a file. I haven't
been able to figure out how to modify it to cleanly start and stop
both programs, while still
Shaun T. Erickson wrote the following on 1/1/2007 9:39 AM -0800:
Has anyone come up with a clean way of starting and stopping p0f
p0f-analyzer? On my CentOS 4.4 system, there is an init.d script for
p0f, but that's to use it standalone, logging to a file. I haven't
been able to figure out how
On 1/1/07, Bill Landry [EMAIL PROTECTED] wrote:
I tried the init script and was unsuccessful at making that work.
Instead, try adding something like the following to /etc/rc.local:
/usr/sbin/p0f -f /etc/p0f/p0f.fp -l 'tcp dst port 25' 21 |
/usr/local/sbin/p0f-analyzer.pl 2345
Use whatever
On Mon, January 1, 2007 18:39, Shaun T. Erickson wrote:
while still piping them together as maRBL and
amavisd-new need them to be.
in gentoo i just emerged p0f and don't start p0f from the init
and in /etc/conf.d/local.start added
# /etc/conf.d/local.start
p0f -q -i interface -l 'tcp dst
* Shaun T. Erickson [EMAIL PROTECTED]:
# /etc/conf.d/local.start
p0f -q -i interface -l 'tcp dst port 25' | p0f-analyzer.pl 2345
interface is is eg eth0
Which is what I'm doing as well, but doesn't accomplish what I want. :)
I run p0f from runit. My /var/service/p0f/run file:
* Shaun T. Erickson [EMAIL PROTECTED]:
Has anyone come up with a clean way of starting and stopping p0f
p0f-analyzer? On my CentOS 4.4 system, there is an init.d script for
p0f, but that's to use it standalone, logging to a file. I haven't
been able to figure out how to modify it to cleanly
