Package: arno-iptables-firewall Version: 1.8.8.o-2 Severity: wishlist Tags: patch
In its default configuration, a lot of noise ends up in the logs - given the frequency of intrusion attempts these days. This attached patch works in conjunction with the rsyslogd, and add filtering of the firewall logs to a separate file. Whilst this helps declutter the general log files, more control of the logging of this package via debconf would be appreciated! Thanks, Tim. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-openvz-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages arno-iptables-firewall depends on: ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii gawk 1:3.1.5.dfsg-4.1 GNU awk, a pattern scanning and pr ii iptables 1.4.1.1-3 administration tools for packet fi Versions of packages arno-iptables-firewall recommends: ii dnsutils 1:9.5.0.dfsg.P2-1 Clients provided with BIND ii iproute 20080725-2 networking and traffic control too ii lynx 2.8.7dev9-2 Text-mode WWW Browser (transitiona arno-iptables-firewall suggests no packages. -- debconf information excluded
--- /dev/null 2008-10-18 15:24:00.515817246 +0100 +++ /etc/rsyslog.d/arno-iptables-firewall.conf 2008-10-23 12:44:10.000000000 +0100 @@ -0,0 +1,5 @@ +# Log firewall messages to /var/log/firewall (asynchronously), and then drop them so that +# they aren't logged again elsewhere. + +:msg, regex, "IN=.* OUT=.* MAC=.* SRC=.* DST=.* LEN=" -/var/log/firewall +& ~
