[ previous ] [ next ] [ threads ]
 From:  Gordon Day <gordon at deepcovelabs dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Strongly desired audit feature
 Date:  Thu, 23 Jun 2005 12:40:36 -0700
Hello all, I'd like to suggest a something for m0n0wall that is in the
category of a core firewall feature.  It is a requirement for a number
of different external security audits that there be an audit trail for
any changes made to a firewall. Beyond being a common external audit
requirement, it would be a great aid for those of us with complex rule
sets to see what we changed and when we changed it.

A case in point occured yesterday when I made a number of "innocent"
changes which resulted in a periodically critical service to partially
fail a day later. Discovering which of the 4 changes caused the problem
was a fair headache as I hadn't written down my actions as I performed
them.  Tracking the changes is something that the GUI could do quite
easily but is a pain to do manually and easy to forget.