[Dshield] 'iptables' config for WRT54G running Sveasoft Alchemy-pre5.4a

David Lawless david_lawless at flumedata.com
Fri May 6 01:15:28 GMT 2005


I'm planning on setting up Dshield log submissions using 
'iptables' logging from my Linksys WRT54G running Sveasoft 
Alchemy-pre5.4a (i.e. Linux).  I'm forwarding the 'syslogd' 
messages to my CentOS 4 (RHEL 4) Linux system and the messages 
are getting recorded nicely.

I downloaded 'iptables.tar.gz' from the "Linux 2.4x iptables" 
link on the "Linux and UNIX 'Framework' Clients" page.  I see a 
nifty Perl script for parsing the logged 'iptables' connection 
entries and sending them to Dshield.org.

What I don't see are the 'iptables' commands for configuring 
connection and probe logging in the kernel.  Seems like a rather 
major omission.  At present the 'iptables' setup on the router 
doesn't log anything but invalid state connection activity. What 
I need are 'iptables' entries for logging the WAN side inbound 
connection attempts.  Makes no sense to log anything from the 
LAN side or any outbound connection requests.  I've attached the 
current 'iptables' to this message.

Any help would be appreciated.

Thanks,

David
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipt_filter.txt
Url: http://www.dshield.org/pipermail/list/attachments/20050505/19e18405/ipt_filter.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipt_nat.txt
Url: http://www.dshield.org/pipermail/list/attachments/20050505/19e18405/ipt_nat.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipt_mangle.txt
Url: http://www.dshield.org/pipermail/list/attachments/20050505/19e18405/ipt_mangle.txt


More information about the list mailing list