 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  Jonathan Karras <jkarras at karras dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Help needed: monowall->linux->dshield logs
 Date:  Tue, 28 Aug 2007 23:33:30 -0500
Back from the dead!  Well, March 06 anyway...

Jonathan Karras wrote:
> Paul Kroculick wrote:

>> I'm looking for some help. I'm currently using a
>> monowall firewall, with the logs going to Kiwi Syslog
>> on W2K, and then using CVTWIN to submit the logs to
>> Dshield as a scheduled task.
>> I want to move the logging to a linux machine, and
>> submit the logs from the linux machine. However, I'm
>> having trouble putting the pieces together. I searched
>> both the monowall and dshield forums and haven't found
>> (or just overlooked) the info that I need.

> I use the following scripts to query my monowall and submit the firewall 
> tables to dshield.
> The following script is used to submit the rules.
> http://live.dshield.org/clients/dshield-freebsd.pl.txt
> I then made a BASH script wrapper called monodshield.sh which I use to 
> extract the firewall logs using wget from the exec.php page in the 
> m0n0wall GUI. The script then passes the cleaned-up file on to 
> dshield-freebsd.pl for submission. This just runs daily in my crontab.

Have you done any more with this?  (Or anyone)  I want to start 
submitting, seeing as I have 70 firewalls.  I just want an easy way to 
do it...