[ previous ] [ next ] [ threads ]
 From:  Markus Kamp <mk underscore cactus at gmx dot de>
 To:  monowall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  How to archive logs without syslogd server?
 Date:  Wed, 23 Feb 2005 11:21:28 +0100
Hash: SHA1

Hi there!

I am new to m0n0 and did not set it up yet since I'm still waiting for 
an old IBM Thin Client (NetVista N2400) coming up on eBay to use it for 
that purpose (by the way: Are there any known problems with this type 
of machine?).

I'm planning to use m0n0 on a small private Network (WLAN 802.11b for 
up to 10 Clients).

For law related issues (living in Germany) I'll have to log all traffic 
going over the WAN port to make sure that, if LAN users get caught 
doing something illegal, I'm able to prove that it wasn't me and not to 
go to jail for one of them :-)

There is no server here running 24/7 that could be used as a syslogd 
machine, so I'll have to do all the logging on m0n0 itself.
Of course I could set up another thin client as syslogd machine but 
that would add another approx. 20 Watts power consumption just to keep 
the logs

So I think of something like this:
- - Set up monowall in a way it doesn't delete old logs by itself (and 
ideally keeping 'em on another Drive than the boot device)
- - Download the logs to my personal computer say once a week and delete 
'em on m0n0wall manually afterwards
- - Archive the logs on CD-R

While I'm writing this another variant comes to my mind:
- - Could I attach an external USB Backup Drive (tape or hd) and redirect 
m0n0's logging to it?

Other suggestions?

Thanx for assistance


- -- 
Markus Kamp                    <mailto:mk underscore cactus at gmx dot de>
Wuppertal, Germany
Version: GnuPG v1.2.4 (Darwin)