 From:  Jonathan Karras <jkarras at karras dot net>
 To:  Paul Kroculick <pdkrocul at yahoo dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Help needed: monowall->linux->dshield logs
 Date:  Thu, 16 Mar 2006 08:10:54 -0700
I use the following scripts to query my monowall and submit the firewall 
tables to dshield.

The following script is used to submit the rules.
http://live.dshield.org/clients/dshield-freebsd.pl.txt

I then made a BASH script wrapper called monodshield.sh which I use to 
extract the firewall logs using wget from the exec.php page in the 
m0n0wall GUI. The script then passes the cleaned-up file on to 
dshield-freebsd.pl for submission. This just runs daily in my crontab.

Let me know if you have any questions. I have attached the script and a 
short readme file. Hopefully it works for you.


Jonathan

Paul Kroculick wrote:
> Hello,
> 
> I'm looking for some help. I'm currently using a
> monowall firewall, with the logs going to Kiwi Syslog
> on W2K, and then using CVTWIN to submit the logs to
> Dshield as a scheduled task.
> 
> I want to move the logging to a linux machine, and
> submit the logs from the linux machine. However, I'm
> having trouble putting the pieces together. I searched
> both the monowall and dshield forums and haven't found
> (or just overlooked) the info that I need.
> 
> Has anyone done this? Or can anyone point me to some
> helpful HOWTOs?
> 
> Thanks,
> Paul
monodshield.tgz (1.6 KB, application/x-gtar)