[Dshield] just got an SMC Barricade.....

Wayne Larmon wlarmon at dshield.org
Tue Jun 10 20:08:09 GMT 2003


I don't have any hands one experience with that model of Barricade), but I
know that Routerlog only works with one chipset.  It is possible that the
Barricade you have might be newer and has a different chipset.

Can the Barricade save the logs using either SMNP or Syslog?  If so, then
try using Kiwi Syslog Daemon (free from
http://www.kiwisyslog.com/info_syslog.htm) to capture the logs.   Configure
Kiwi as is described at http://www.dshield.org/clients/kiwi_setup.php

Then install our CVTWIN http://www.dshield.org/clients/cvtwinfirewalls.php
and set it to the Kiwi (All formats) setting and see if it converts your
log.  If it does, then great, you are all set.

If it doesn't, then send a sample of the log that Kiwi produces to me (off
list) so I can write a new CVTWIN converter.

Wayne Larmon
wlarmon at dshield.org
DShield.org

> hi folks.
>
> i've just purchased an SMC Barricade firewall/router (the
> SMC7004VBR for the
> record), and i want to start contributing my logs to the DShield
> Fight-Back
> project.
>
> i've checked out the pages and downloaded RouterLog however it
> doesn't seem
> to be able to talk to the SMC.  the routher address is correct, the admin
> password is correct, but clicking on the "Show Router Info"
> button brings up
> a screen full of parser errors with a very brief note flashing by
> which says
> "Not Applicable: Static IP".
>
> when clicking the "Get it now" button, the status indicator goes from
> "Waiting..." to "getting content from AMIT..." and then back to
> "Waiting..."
> even when there are attacks showing in the logs (viewable from the web
> interface).
>
> i've also gone to the SMC site and downloaded the latest firmware for the
> firewall and updated it.
>
> anyone have experience with this firewall or can shed some light?
>
> more useful info:
>
> Runtime Code Version:
>   1.23 (Apr 30 2003 16:12:04)
> Boot Code Version:  V1.05
> Hardware Version:  01
> Serial Num:   S235008240
>
> thanks in advance!
>
> -d





More information about the list mailing list