[Dshield] 'iptables' config for WRT54G running Sveasoft Alchemy-pre5.4a

Ejay Hire ejay.hire at isdn.net
Fri May 6 06:52:40 GMT 2005


Hi.

To do this you need to load the iptables logging module and
add --log to your deny rule(s).

-ejay 

> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of David
Lawless
> Sent: Thursday, May 05, 2005 8:15 PM
> To: list at lists.dshield.org
> Subject: [Dshield] 'iptables' config for WRT54G running 
> Sveasoft Alchemy-pre5.4a
> 
> I'm planning on setting up Dshield log submissions using 
> 'iptables' logging from my Linksys WRT54G running Sveasoft

> Alchemy-pre5.4a (i.e. Linux).  I'm forwarding the
'syslogd' 
> messages to my CentOS 4 (RHEL 4) Linux system and the
messages 
> are getting recorded nicely.
> 
> I downloaded 'iptables.tar.gz' from the "Linux 2.4x
iptables" 
> link on the "Linux and UNIX 'Framework' Clients" page.  I
see a 
> nifty Perl script for parsing the logged 'iptables'
connection 
> entries and sending them to Dshield.org.
> 
> What I don't see are the 'iptables' commands for
configuring 
> connection and probe logging in the kernel.  Seems like a
rather 
> major omission.  At present the 'iptables' setup on the
router 
> doesn't log anything but invalid state connection
activity. What 
> I need are 'iptables' entries for logging the WAN side
inbound 
> connection attempts.  Makes no sense to log anything from
the 
> LAN side or any outbound connection requests.  I've
attached the 
> current 'iptables' to this message.
> 
> Any help would be appreciated.
> 
> Thanks,
> 
> David




More information about the list mailing list