Hello,
It'd be nice to be able to configure what gets logged - e.g. packets can
get logged for a variety of different reasons:
prefix `Bad TCP flag(128): '
prefix `Bad TCP flag(64): '
prefix `Class A address: '
prefix `Class B address: '
prefix `Class C address: '
prefix `Class M$ address: '
prefix `Connection attempt (PRIV): '
prefix `Connection attempt (UNPRIV): '
prefix `Dropped FORWARD packet: '
prefix `Dropped INPUT packet: '
prefix `Fragmented packet: '
prefix `FRAGMENTED PACKET (OUT): '
prefix `ICMP(other) flood: '
prefix `ICMP-param.-problem: '
prefix `ICMP-param.-problem flood: '
prefix `ICMP-request: '
prefix `ICMP-request(ping) flood: '
prefix `ICMP-source-quench: '
prefix `ICMP-source-quench flood: '
prefix `ICMP-time-exceeded: '
prefix `ICMP-time-exceeded flood: '
prefix `ICMP-unreachable: '
prefix `ICMP-unreachable flood: '
prefix `Other-IP connection attempt: '
prefix `Spoofed packet: '
prefix `Stealth FIN scan: '
prefix `Stealth Null scan: '
prefix `Stealth scan (PRIV)?: '
prefix `Stealth scan (UNPRIV)?: '
prefix `Stealth SYN/FIN scan(?): '
prefix `Stealth SYN/RST scan: '
prefix `Stealth XMAS-ALL scan: '
prefix `Stealth XMAS-PSH scan: '
prefix `Stealth XMAS scan: '
prefix `TCP port 0 OS fingerprint: '
prefix `TCP source port 0: '
prefix `UDP port 0 OS fingerprint: '
prefix `UDP source port 0: '
It would be great to be able to choose which classes of problem you want
to log, as well as maybe the log frequency....
Thanks,
Tim.
--
South East Open Source Solutions Limited
Registered in England and Wales with company number 06134732.
Registered Office: 2 Powell Gardens, Redhill, Surrey, RH1 1TQ
VAT number: 900 6633 53 http://seoss.co.uk/ +44-(0)1273-808309
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
