On Thu, Jan 10, 2008 at 01:20:39PM -0700, Orion Poplawski wrote:
> Andrew Suffield wrote:
> > On Thu, Jan 10, 2008 at 12:39:43PM -0700, Orion Poplawski wrote:
> >> I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate
> >> NetFlow information about traffic going through my router. The question
> >> is how to get the logging rules added to the appropriate chains (I'm
> >> assuming eth2_in and eth2_out in my case)? I'm using the perl version
> >> of shorewall 4.0.6.
> >
> > http://www.shorewall.net/shorewall_logging.html#ULOG
> >
>
> Yes, but short of appending ":ULOG" to all of my rules, I don't see how
> I can log every packet going in and out of the ISP interface to ULOG.
> By default shorewall is configured to log rejected and dropped traffic,
> not accepted traffic.
>
> I guess I could do:
>
> loc net ACCEPT ULOG
>
> in my policy file for outgoing traffic. But what about incoming?

ACTION - {ACCEPT[+|!]|NONAT|DROP[!]|REJECT[!]|DNAT[-]|SAME[-]|REDIRECT[-]|CONTINUE[!]|LOG|QUEUE[!]|NFQUEUE[/queuenumber]|COMMENT|action|macro[/target]}[:{log-level|none}[!][:tag]]
    Specifies the action to be taken if the connection request
    matches the rule. Must be one of the following.

    ACCEPT  Allow the connection request.
    ACCEPT+
            like ACCEPT but also excludes the connection from any
            subsequent matching DNAT[-] or REDIRECT[-] rules
    [...]
    LOG     Simply log the packet and continue with the next rule.