Conference noted::seal

Title:SEAL
Moderator:GALVIA::SMITH
Created:Mon Mar 21 1994
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:1989
Total number of notes:8209

1817.0. "Logging and report on other machine ?" by LISA1::CORREIA_C (CELIA CORREIA @XIP) Wed Feb 26 1997 12:37

Hi, 

I have a client that would like to have the logging and the firewall reports 
done on another internal machine. Is there any way to make it possible ??
i.e. direct the logging (it will be something like: edit the syslog.conf and
point to other machine xpto) and then have a way to "prepare" the firewall to
produce the reports from logging in other machine --> Pure fantasy ?? ;-)

Is there a good alternative for this ...

Any help is most appreciated
Célia Correia

1817.1. by BIGUN::nessus.cao.dec.com::Mayne (Churchill's black dog) Wed Feb 26 1997 17:32

Not quite sure what you're asking for, but if, as you say, you "edit the 
syslog.conf and point to other machine xpto" then the syslogs will appear on the 
other machine xpto.

If you want to produce reports on the internal machine, hmmm...

I wrote a bunch of Perl scripts for a SEAL firewall that produced reports from 
the logs. Eventually, the logs became too big for the system and the scripts 
were running out of memory. My answer was "it's a firewall, not an accounting 
machine", so they took the Perl scripts and logs and ran them on an internal 
system.

Maybe engineering might consider separate report generation in a future version?

PJDM

1817.2. by QUICHE::PITT (Alph a ha is better than no VAX!) Thu Feb 27 1997 06:06

The syslog issue is "easy" - just modify the /etc/syslog.conf in the "normal"
way to point to a remote machine.  

As for the reporting, you "simply" (!) have to lift every file from the
firewall, and place it in the same directory on the internal machine.  The
reports are created and mailed from the cron job that runs manage_syslogs, so
you'll need that as well, and that will ensure that the syslog files are managed
for you on the internal machine.  Finally, you will also have to take
/etc/syslog.conf onto the internal machine, so that the syslog files are laid
out the same way as on the firewall.  Then it should all work ...

T
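
The following is an added example, not part of the original thread or of the firewall product: a small check that reads a BSD-style syslog.conf and lists the selectors written to local files that the remote log host does not fully receive. The host name `xpto` comes from the thread; the file paths and rules in the sample are constructed, and only simple `facility.level` selectors are handled.

```python
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample; "xpto" is the internal log host named in the thread,
# the file paths are illustrative only.
SAMPLE_CONF = """\
# constructed syslog.conf for illustration
kern.debug\t/var/adm/syslog.dated/kern.log
auth.info;daemon.notice\t/var/adm/syslog.dated/auth.log
mail.debug\t/var/adm/syslog.dated/mail.log
*.info\t@xpto
mail.debug\t@xpto
*.emerg\t*
"""

def parse_rules(text):
    """Yield (facility, level_index, action) per selector; skip comments."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2:
            raise ValueError(f"missing action field: {raw!r}")
        for selector in fields[0].split(";"):
            facility, _, level = selector.partition(".")
            if level not in LEVELS:
                raise ValueError(f"unsupported selector: {selector!r}")
            yield facility, LEVELS.index(level), fields[1].strip()

def covers(fwd, local):
    """True if the forwarded rule matches every message the local rule matches."""
    same_facility = fwd[0] in ("*", local[0])
    # A selector matches its level and everything more severe, so the
    # forwarded rule must start at the same or a less severe level.
    return same_facility and fwd[1] >= local[1]

def audit(text, loghost):
    """Return local-file selectors that loghost does not fully receive."""
    rules = list(parse_rules(text))
    forwarded = [r for r in rules if r[2] == "@" + loghost]
    gaps = []
    for rule in rules:
        if rule[2].startswith("/") and not any(covers(f, rule) for f in forwarded):
            gaps.append(f"{rule[0]}.{LEVELS[rule[1]]}")
    return gaps

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, "xpto"))
```
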

1817.3. "Logging and report on other machine" by LISA1::CORREIA_C (CELIA CORREIA @XIP) Thu Feb 27 1997 07:07

Hi, 

reply 1817.2
>As for the reporting, you simply have to lift every file of the firewall and
>put it in the same directory ....

From what I understand the solution is (I just have a little doubt about item 2):

	1. Direct the log files to the internal machine
	2. Install another firewall on the internal machine (you didn't say install 
	   but copying every file from the firewall; it will be easier 
	   installing the firewall - the client has a dedicated machine for it, 
	   but doesn't have two ethernet cards - is there any trouble installing 
	   the firewall ??)
	3. Copy the cron file also 

Many thanks for your replies,
Célia Correia

1817.4. by QUICHE::PITT (Alph a ha is better than no VAX!) Thu Feb 27 1997 07:25

OK, if the customer has another machine that can act only as a firewall, and has
two licenses for AFWU (!?!) then you can avoid lifting all the files.  I was
assuming that the internal machine was simply a Digital UNIX box used for other
purposes.

You can install AFWU on a one Ethernet box.  You do however have to pretend that
the serial port is going to run SLIP or PPP, I think, to get through the GUI
setup ...

T

1817.5. by EEMELI::EINAMO Fri Feb 28 1997 02:19

	Hi

	If you install firewall it makes the system very safe so you probably
	face problems like copying files/telnetting etc. so take care. :)

	marko

1817.6. "Logging and Report on other machine" by LISA1::CORREIA_C (CELIA CORREIA @XIP) Mon Mar 03 1997 07:32

Hi , 

I've copied all the files under /usr/dfws and tried to start the GUI interface, 
but I always get the 403 error (unauthorized client access...). I've looked
in the file access.conf and it allows 127.0.0.1; I even changed it to 
"allow from all", but in the end I got the same error ...

Is there any other file or restriction that I'm missing ??

Any help is most appreciated, 
Thanks in advance
Célia

1817.7. "Logging and Report on other machine" by LISA1::CORREIA_C (CELIA CORREIA @XIP) Thu Mar 06 1997 06:36

Hi , 

I've found the solution: it was the user from which the http server runs. Everything is 
working now 
:-)

Now the client is asking why I can't take the log files from the firewall completely, 
like in SEAL, where you put the log files on the internal machine to increase security (?) 
I know for a fact that, if I take the log files, the alarms stop working with the AltaVista firewall; 
it isn't possible (correct me if I'm wrong).

Is the new version V3.0 coming with some new features for the logging and report ?  

Many thanks in advance
Célia Correia