[ previous ] [ next ] [ threads ]
 
 From:  "Richard Parvass" <richard dot parvass at aaland dot co dot uk>
 To:  "Wolf" <DFD555 at gmx dot de>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Possibility to log "Firewall stats" in a list, (kind of syslogging maybe)
 Date:  Sun, 16 Aug 2009 18:26:23 +0100 (BST)
You cannot log the states directly to syslog as you have discovered, but
you could configure every rule to log itself, then using syslog from the
Settings menu, select the Firewall option. You will then see every
connection logged, but not the stats of the connection such as bytes
transmitted.


On Sun, August 16, 2009 10:19, Wolf wrote:
> Hi,
>
> thanks for answer. I did it yet and am logging with Kiwi, but i dont get
> any
> information about the currently connections from IP-A to another IP and
> Port
> like in "Firewall states".
>
> I have set all ticks on Diagnostics -> Logs -> Settings and have set IP
> where
> kiwi is installed. I get some informations but not that i want.
> I do something false? I am sending the syslog to a PC in private Network.
>
> Maybe i have to configure the Firewall for something else? Opening some
> Ports?
>
>
> Best regards
> Wolf
>
> Am Sun, 16 Aug 2009 04:40:11 +0200 schrieb Jeffrey Goldberg
> <jeffrey at goldmark dot org>:
>
>>
>> On Aug 15, 2009, at 12:05 PM, Wolf wrote:
>>
>>> i have a question.  How can i log the "Firewall states" under
>>> "Diagnostics".
>>>
>>> Exists some possibilities to manage this? I want a list with all
>>> connections from
>>> IPaddress-A to IPaddress-X, daily. That i can record the connections
>>> from some clients.
>>
>> You may tell m0n0wall to send logging information to another machine.
>> This is under
>>
>>   Diagnostics -> Logs -> Settings
>>
>> And check the box for "Enable syslog'ing to remote syslog server.
>>
>> That other machine be running syslog (or something that does the job of
>> syslog) and be configured to listen for syslog messages from your
>> m0n0wall.
>>
>> I have a machine on my local network that is running syslog-ng that logs
>> messages from m0n0wall (and others).  I can then use a wide variety of
>> log analysis tools on those logs.
>>
>> Cheers,
>>
>> -j
>>