Hey Mathieu - That’s a good idea! All I need is historical, should be perfect. Thanks! d
From: Mathieu Chateau [mailto:mathieu.chat...@lotp.fr] Sent: Monday, June 15, 2015 3:10 PM To: zenloadbalancer-support Subject: Re: [Zenloadbalancer-support] Logging IP addresses on connections from the internet. Hello, I think you can use iptables to log all connections, and then forward it through syslog or so to somewhere else. But only useful for analyzing over time, not real time decision (like smtp gray listing) Cordialement, Mathieu CHATEAU http://www.lotp.fr 2015-06-15 21:59 GMT+02:00 Dave Williams <d...@revnetdata.com<mailto:d...@revnetdata.com>>: Hi – I really need logging too. Preferably to an external DB. If anyone finds a way, please share! d From: Mathieu Chateau [mailto:mathieu.chat...@lotp.fr<mailto:mathieu.chat...@lotp.fr>] Sent: Monday, June 15, 2015 2:32 PM To: zenloadbalancer-support Subject: Re: [Zenloadbalancer-support] Logging IP addresses on connections from the internet. Hello, I guess it's incoming smtp, else your wouldn't see any relay attempt. Using L4xnat should make your server receiving real remote ip address. Then it must use zen as a gateway for reply. For SMTP, except if you only have 1 ip address, I do not see big benefits, as MX are already meant to survive smtp server failure in the whole internet. Tcpdump wouldn't be useful as you need the true IP in realtime to block smtp connection and not accept it at all. Also needed for grey listing. Cordialement, Mathieu CHATEAU http://www.lotp.fr 2015-06-15 16:44 GMT+02:00 Emilio Campos <emilio.campos.mar...@gmail.com<mailto:emilio.campos.mar...@gmail.com>>: You can use tcpdump in the load balancer in order to obtain the origin IP. 2015-06-12 22:54 GMT+02:00 Ernie Dunbar <maill...@lightspeed.ca<mailto:maill...@lightspeed.ca>>: Hi everyone. We're using the community edition of Zen Loadbalancer, and I've noticed a problem with logging incoming connections. Namely, that it doesn't exist. We've only set up POP and outgoing SMTP as a load balanced service so far, but as a result of that our logs are now filling up with a lot of SMTP relay attempts. Setting up Fail2Ban on the loadbalancer would be pretty easy, if only we had any idea where these connections were coming from, but they're not showing up in any of the logs. Is there some setting that can turn this logging on? ------------------------------------------------------------------------------ _______________________________________________ Zenloadbalancer-support mailing list Zenloadbalancer-support@lists.sourceforge.net<mailto:Zenloadbalancer-support@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support -- Load balancer distribution - Open Source Project http://www.zenloadbalancer.com Distribution list (subscribe): zenloadbalancer-support@lists.sourceforge.net<mailto:zenloadbalancer-support@lists.sourceforge.net> ------------------------------------------------------------------------------ _______________________________________________ Zenloadbalancer-support mailing list Zenloadbalancer-support@lists.sourceforge.net<mailto:Zenloadbalancer-support@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support ------------------------------------------------------------------------------ _______________________________________________ Zenloadbalancer-support mailing list Zenloadbalancer-support@lists.sourceforge.net<mailto:Zenloadbalancer-support@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
------------------------------------------------------------------------------
_______________________________________________ Zenloadbalancer-support mailing list Zenloadbalancer-support@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
