> Shorewall can't tell you the pid because Netfilter doesn't provide a
> capability that would allow Shorewall to request the PID in log messages!
>
>>
>> I can't believe that no one's ever thought of these things before.
>>
>
> Shorewall is a firewall configuration tool, not an IDS. If you want an
> IDS, install one.

It strikes me that SELinux could be of benefit here.
Also (never used this myself), the Linux Audit Framework.

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
