#!/bin/sh
###########################################################################
#
# User-changeable options for fwanalog.sh
#
# $Id: fwanalog.opts.linux22,v 1.6 2002/02/05 22:10:15 bb Exp $
#
###########################################################################
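outdir="/root/fwanalog.out"
# The directory where the output goes to, without / at the end. You need write
# permissions, of course, and should secure this directory with permissions,
# minefields, guard dogs etc. It will be created if you don't have it yet.
# NOTE(review): the reports are presumably built from log lines whose content
# (source hosts, ports) is chosen by whoever sent the blocked packets, so keep
# this directory readable only by the account running fwanalog (e.g. mode 0700)
# unless you deliberately publish the reports.
logformat="ipchains"
# What log format your firewall writes.
# Currently available options:
# iptables Linux 2.4 iptables (probably in /var/log/messages)
# ipchains Linux 2.2 ipchains (probably in /var/log/messages)
# ipf BSD/Solaris ipfilter (probably in /var/log/ipflog)
# openbsd currently the same as ipf, will probably change after 2.9;
# works also for NetBSD
# freebsd FreeBSD's output format (probably in /var/log/ipflog)
# solarisipf Solaris 8.0 Intel ipf 3.4.20 (using ipmon -sn &)
# pf_30 OpenBSD 3.0 pf binary log format
# fwanalog *must* run on OpenBSD 3.0 for this to work
# (because of the special tcpdump of OpenBSD)
# Feel free to program a parser for your firewall if it is not supported.
# See the comments in iptables() and ipf()
#
# The officially maintained formats are pf_30 and iptables.
inputfiles_mask="messages*" # The name of your logfiles, with a wildcard if you want
inputfiles_dir="/var/log" # The directory where your logfiles are in,
# e.g. /var/log
inputfiles_mtime="31" # How old the logfiles can be (in days)
# Only files modified within the last $inputfiles_mtime days are picked up.
# Set this to your log rotate interval + 1 day (so you never miss a logfile entry).
inputfiles=$(find "$inputfiles_dir" -name "$inputfiles_mask" -mtime "-$inputfiles_mtime" | sort -r)
# This should find the names of the logfiles you want to parse.
# It MUST return the names in reverse order (chronologically) or you
# will have LOTS of duplicate lines in your log.
# All expansions are quoted so a directory name with spaces or glob characters
# reaches find intact; the mask itself is passed to find unexpanded on purpose.
# NOTE(review): sort -r orders the names lexically, so "messages.10" sorts
# before "messages.2"; if your rotation keeps more than nine numbered files,
# check that the resulting order is still what fwanalog expects.
# NOTE(review): the list is one whitespace-separated string, so a logfile name
# containing whitespace will most likely be split by the consumer - confirm
# against fwanalog.sh before relying on such names.
onehost=false
# Available options: false true dynip
# Default: false
# Set to true if this firewall runs on one machine only and you want to see
# the source hosts (not the protected target hosts) in the Blocked Packet
# Report. This is suggested if you protect one server, but loses information
# if you protect a network.
# Set to "dynip" if your firewall has a dynamic IP address.
# After changing this, you must delete everything in $outdir!
# Program invocations - add path if needed
# NOTE(review): bare names are resolved through PATH at run time. When fwanalog
# runs as root (e.g. from cron), prefer absolute paths such as /usr/bin/analog,
# or set a fixed PATH in the caller, so that a writable directory early in PATH
# cannot substitute a different binary for any of these tools.
analog="analog"
# Full pathname if you need
date="date" # should be GNU date
grep="grep" # should be GNU grep
egrep="egrep"
zegrep="zegrep"
gzcat="gzcat"
# NOTE(review): GNU/Linux gzip usually installs "zcat" rather than "gzcat";
# point this at whichever one exists on your system if your parser needs it.
sed="sed"
perl="perl"
tcpdump="tcpdump"
timezone=$("$date" +%z)
# Which timezone the server is in. Correct if the server fwanalog runs on
# is not in the timezone the firewall is in.
# This runs the "date" command chosen above once, when this file is read.
# The %z option of date is supported on GNU/Linux and OpenBSD,
# but apparently NOT on FreeBSD so you will have to insert your
# timezone difference (e.g. -0500) yourself or use GNU date.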