in reply to Re: FUT - Change IPtables rules based on log messages
in thread FUT - Change IPtables rules based on log messages

With respect to issue #4, the ever growing syslog message, how is your syslog.conf? FUT doesn't log to the mail, kern, or daemon facilities. So it's skip message should not show up in your input stream.

Issue #2, the repeated insertion of RETURN rule, was fixed in v.26

WRT a rule not timing out, if you send fut a USR1 signal /tmp/fut.dump is created with a listing of all blocked sites and the time the block expires. What does it show?

Be Appropriate && Follow Your Curiosity
  • Comment on Re^2: FUT - Change IPtables rules based on log messages

Replies are listed 'Best First'.
Re^3: FUT - Change IPtables rules based on log messages
by freewheelin (Initiate) on Mar 29, 2006 at 16:10 UTC

    WRT syslog - that's my oops, apologies. I've corrected the problem.

    I've grabbed v26, installed the default config file for it and I'm getting a segfault on the first run. Checking iptables, fut's successfully created the fut chain, but not the fut_drop_log chain. I've tested this both with an empty iptables and with my existing ruleset in place.

    kill -USR1 $pid_of_fut doesn't generate any output in /tmp I'm afraid.

    Update (Duh!) It'd help if I actually had something blocked, of course. When I do, this is the output:

    10.0.1.2              1      22      22   Wed Mar 29 18:12:39 2006

[reply]
[d/l]
[select]

      WRT syslog - wouldn't hurt for me to have defensive code for the case.

      WRT segfault ... It'll have to wait until I'm home and can check the code. Hmmm, 6:00am changes, perhaps not the best of ideas.

      WRT - Janitors, OK to use perlmonks as a support forum?

      Be Appropriate && Follow Your Curiosity
[reply]
        I'm happy to take this to email if it's cluttering up Perlmonks.
[reply]

In Section Perl News