It is necessary to make minor adjustments to the
logwatch scripts, to get logwatch to report
the shorewall log entries.
Searching the net, I could not find anybody that
had repored successful marriage of those two.
I hope this will help finding solutions when
using shorewall.
The patch is in the attached file, but in case the
attachment does not get through, here it is - with
all those long lines bent and broken:
--- iptables.dist 2008-03-29 00:39:00.000000000 +0000
+++ iptables 2008-03-29 00:48:21.000000000 +0000
@@ -121,7 +121,7 @@
$ipt2{$actionType}{$if}{$toport}{$proto}{$fromip}{$toip}{"$chain,
$if"}++;
}
# IPTABLES
- elsif (($chain,$ifin,$ifout,$fromip,$toip,$proto,$rest) = ($ThisLine
=~ /^(.*?)\s*IN=(\w*).*?OUT=(\w*).*?SRC=([\w\.:]+).*?DST=([\w
\.:]+).*?PROTO=(\w+)(.*)/ )) {
+ elsif (($chain,$ifin,$ifout,$fromip,$toip,$proto,$rest) = ($ThisLine
=~ /^.*?Shorewall:(.*?):\s*IN=(\w*).*?OUT=(\w*).*?SRC=([\w
\.:]+).*?DST=([\w\.:]+).*?PROTO=(\w+)(.*)/ )) {
# get a destination port number (or icmp type) if there is one
if (! ( ($toport) = ( $rest =~ /TYPE=(\w+)/ ) ) ) {
--
Kindest Regards, Anna Jonna Ármannsdóttir, %& A: Because people read
from top to bottom.
Unix System Aministration, Computing Services, %& Q: Why is top posting
bad?
University of Iceland.
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It''s the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace