iptablesrocks.org - Iptables Log Analyzer
# Host of the MySQL database
$db_host="localhost";
# User of the MySQL database
$db_user="iptables_user";
# Password of the MySQL database
# Make sure you enter your "iptables_user" password in place of the x's below
$db_password="xxxxxx";
# Name of the database
$db_name="iptables";
# URL Path to your installation
$url_base="/firewall/";
#debug mode
$debug=1;
#The default number of record displayed
$default_number=20;
#The default chain displayed
$default_chain="ALL";
#The default date for packets (10000 means any)
$default_date=10000;
#The default ignored ports
$default_ignored_ports= array();
Save and exit the file.
Now we will configure and install the database feeder script.
vi scripts/feed_db.pl
Make sure the following configuration section is set properly, entering the "iptables_user" MySQL password where the x's are.
my $dsn = 'DBI:mysql:iptables:localhost';
my $db_user_name = 'iptables_admin';
my $db_password = 'xxxxx';
my $log_file = '/var/log/syslog';
my $pid_file = "/var/run/iptablelog.pid";
Save and exit the file.
Now we will copy the database feeder script to a location from which it can be easily called:
cp scripts/feed_db.pl /usr/local/bin/
Next, copy the init.d script called "iptablelog" to your server's init.d directory.
cp scripts/iptablelog /etc/rc.d/init.d/
Note:
I've already pre-configured the "iptablelog" init.d script, but you may want to customize it further depending on your needs.
So, let's start it up!
/etc/init.d/iptablelog start
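Both files edited above hold a MySQL password in clear text, so it is worth checking them before the service runs. The following pre-flight check is an added example, not part of the original guide or of the Iptables Log Analyzer package: it flags a db_password that is still empty or the x placeholder, and a file mode that grants permissions to other local users. The helper name check_secret_file and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for a file that stores the MySQL password.
# check_secret_file is a hypothetical helper name, not part of the package.

# Usage: check_secret_file FILE
# Prints one finding per line; returns 0 when clean, 1 otherwise.
check_secret_file() {
    file=$1
    rc=0
    if [ ! -f "$file" ]; then
        echo "MISSING: $file"
        return 1
    fi
    # Password left empty or as the x placeholder, in the Perl form
    # (my $db_password = '...') or the PHP form ($db_password="...").
    if grep -Eq "db_password[[:space:]]*=[[:space:]]*[\"']x*[\"']" "$file"; then
        echo "PLACEHOLDER: $file has an empty or x-only db_password"
        rc=1
    fi
    # A non-zero last octal digit means users outside owner and group have
    # some permission on the file. GNU stat first, BSD stat as fallback.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    other=${mode#"${mode%?}"}    # last octal digit of the mode
    if [ "$other" != "0" ]; then
        echo "LOOSE: $file has mode $mode, which grants permissions to other users"
        rc=1
    fi
    return "$rc"
}

# Constructed sample: feeder settings with the placeholder left in, mode 644.
demo=$(mktemp -d)
printf "my \$db_user_name = 'iptables_admin';\nmy \$db_password = 'xxxxx';\n" \
    > "$demo/feed_db.pl"
chmod 644 "$demo/feed_db.pl"
check_secret_file "$demo/feed_db.pl" || echo "Fix the findings before starting iptablelog."
rm -rf "$demo"
```

Run it against /usr/local/bin/feed_db.pl and against the PHP configuration file; the PHP file still has to be readable by the web server, which a suitable group and mode 640 allow without opening it to everyone.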
http://www.iptablesrocks.org/guide/analyze.php (2 of 3) [2/13/2004 8:04:55 PM]