On Thu, 2003-07-24 at 13:46, Dubba Kor wrote:
>
> 1. I would like to use this new box to act as a VPN gateway (CIPED) also to
> connect to two other locations. Can I do this on the same box and if yes,
> how do I achieve this? If this has been done by somebody already, please
> direct me to that thread or doc.
Can't help you there -- no one has stepped up to help with CIPE support
for Shorewall although there are a wealth of other VPN choices.
>
> 2. I would like to log every activity happening thru' Shorewall and get that
> log to my e-mail every day.
logwatch together with liberal logging rules should do that. I'm nervous
about the term "every activity" though -- NetFilter logging is not meant
to serve as an audit trail and trying to log all traffic through your
firewall will bring your system to its knees!
> Also, if I can configure it to send me alerts if
> someone is trying to do some mischief, that will be great.
There's nothing in Shorewall that can do that but others may have a
solution.
> If this can be
> achieved by the default log method (syslog) that is fine as for some reason
> my ULOG does not run well and throws up a bunch of errors.
>
If you're trying to log all traffic through your firewall, then any
daemon that you use will "throw up errors" or it will drop a large
percentage of the messages on the floor.
Since a number of people seem to have problems building a ulogd that
works though, I've placed a tarball of my working ulogd environment at:
ftp://shorewall.net/pub/shorewall/ulogd/ulogd.tgz
Built and runs on RH9.0.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
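
Added example, not part of the message above and not Shorewall or logwatch code: a small digest of the kind of syslog lines that Shorewall logging rules produce, counting hits per chain and disposition and flagging sources refused on several distinct ports. It assumes Shorewall's default log prefix ("Shorewall:<chain>:<disposition>:"); the sample lines, the function names and the threshold are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Assumption: Shorewall's default log prefix, "Shorewall:<chain>:<disposition>:".
LINE_RE = re.compile(
    r"Shorewall:(?P<chain>[^:\s]+):(?P<disp>[A-Z]+):"
    r".*?\bSRC=(?P<src>\S+).*?\bPROTO=(?P<proto>\S+)"
    r"(?:.*?\bDPT=(?P<dpt>\d+))?"  # ICMP lines carry no DPT field
)

# Constructed sample syslog lines (documentation addresses), not real traffic.
SAMPLE_LOG = """\
Jul 24 13:50:01 gw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.1 LEN=48 PROTO=TCP SPT=4321 DPT=135 SYN
Jul 24 13:50:02 gw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.1 LEN=48 PROTO=TCP SPT=4322 DPT=139 SYN
Jul 24 13:50:03 gw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.1 LEN=48 PROTO=TCP SPT=4323 DPT=445 SYN
Jul 24 13:51:40 gw kernel: Shorewall:all2all:REJECT:IN=eth1 OUT=eth0 SRC=198.51.100.7 DST=192.0.2.9 LEN=60 PROTO=TCP SPT=1029 DPT=113 SYN
Jul 24 13:52:05 gw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.1 LEN=84 PROTO=ICMP TYPE=8 CODE=0
Jul 24 13:52:10 gw sshd[812]: Accepted publickey for admin from 192.0.2.50
"""

def summarize(text, scan_threshold=3):
    """Return (hits per (chain, disposition), sources refused on many ports)."""
    by_rule = Counter()
    ports_by_src = defaultdict(set)
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a Shorewall packet log line
        by_rule[(m["chain"], m["disp"])] += 1
        if m["disp"] in ("DROP", "REJECT") and m["dpt"]:
            ports_by_src[m["src"]].add((m["proto"], int(m["dpt"])))
    suspects = sorted(src for src, ports in ports_by_src.items()
                      if len(ports) >= scan_threshold)
    return by_rule, suspects

def render(by_rule, suspects):
    """Format the digest as plain text suitable for a daily mail body."""
    lines = ["Firewall log digest", ""]
    for (chain, disp), n in by_rule.most_common():
        lines.append(f"{n:6d}  {disp:<7} {chain}")
    lines.append("")
    for src in suspects:
        lines.append(f"ALERT: {src} was refused on several distinct ports")
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(*summarize(SAMPLE_LOG)))
```

Because it only counts what the logging rules already record, it inherits the limit described in the message: it summarizes logged packets, it is not an audit trail of all traffic.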