Getting Policy Filename in compiled iptables file


Getting Policy Filename in compiled iptables file

by Christof Kallfass

Dear list members,

I'm looking for a way to get the file of the fwbuilder policy file
(xy.fwb) logged to the compiled *.fw file.
Is there a way how to get this via command line switch/prolog
settings/... to get the original policy source file stored in the
compiled output to know which file was used to create the current
policy.

How do you handle your policies? Sometimes you need to slightly modify
the productive policy for testing and store the temporary policy beside
the current one. After some time it's hard to find out which one was
used to compile the current *.fw file. Therefore it would be very
helpful if the filename is also logged in the output file.

It could be achieved by a wrapper script that takes the same parameters
as fwb_ipt and does something like
        'echo $filename >> $output'.

But maybe there are better ways to achieve this.

Thank you for your advice.

Best regards

Christof


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Fwbuilder-discussion mailing list
Fwbuilder-discussion@...
https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion

Re: Getting Policy Filename in compiled iptables file

by Vadim Kurland


On Aug 28, 2008, at 3:10 AM, <christof.kallfass@...> wrote:

> Dear list members,
>
> I'm looking for a way to get the file of the fwbuilder policy file
> (xy.fwb) logged to the compiled *.fw file.
> Is there a way how to get this via command line switch/prolog
> settings/... to get the original policy source file stored in the
> compiled output to know which file was used to create the current
> policy.
>
> How do you handle your policies? Sometimes you need to slightly modify
> the productive policy for testing and store the temporary policy beside
> the current one. After some time it's hard to find out which one was
> used to compile the current *.fw file. Therefore it would be very
> helpful if the filename is also logged in the output file.
>
> It could be achieved by a wrapper script that takes the same parameters
> as fwb_ipt and does something like
> 'echo $filename >> $output'.
>
> But maybe there are better ways to achieve this.


Currently there is no automated way to add the name of the original
data file to the generated script. Please open a feature request.

As for the workflow, you might want to try built-in RCS. That way you  
can associate a log record with every change you make and can always  
roll back to previous version. The program creates a branch in RCS  
when you open previous version, modify it and then save and commit.

Along the same lines, it would probably be useful to save RCS revision  
of the original file to the generated script, too.

--vk
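
The wrapper idea from this thread, as an added example that is not part of the original posts or of fwbuilder: it stamps a compiled .fw script with the path and SHA-256 of the .fwb it was built from, written as shell comments, and matches a stamped script back to candidate policy files. The `# fwb-...` comment format and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example. The "# fwb-source:/sha256:/stamped:" format is hypothetical.
# Usage after compiling: stamp_fw policy.fwb firewall.fw

# Print the SHA-256 hex digest of a file.
fwb_hash() {
    sha256sum < "$1" | cut -d' ' -f1
}

# stamp_fw POLICY.fwb COMPILED.fw
# Records provenance as comments so the generated script still runs; a bare
# 'echo $filename >> $output' would append a line the shell tries to execute.
stamp_fw() {
    src=$1; out=$2
    [ -f "$src" ] && [ -f "$out" ] || return 1
    abs=$(cd "$(dirname "$src")" && pwd)/$(basename "$src")
    # The name lands in a script that runs as root: keep it on one comment line.
    abs=$(printf '%s' "$abs" | tr '\n\r' '__')
    tmp=$(mktemp) || return 1
    # Drop an earlier stamp so recompiling does not leave stale records behind.
    grep -v '^# fwb-[a-z0-9]*: ' "$out" > "$tmp" || true
    {
        printf '# fwb-source: %s\n' "$abs"
        printf '# fwb-sha256: %s\n' "$(fwb_hash "$src")"
        printf '# fwb-stamped: %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
    } >> "$tmp"
    cat "$tmp" > "$out"   # overwrite in place so the .fw keeps its mode and owner
    rm -f "$tmp"
}

# recorded_hash COMPILED.fw: digest stored by stamp_fw (empty if unstamped).
recorded_hash() {
    sed -n 's/^# fwb-sha256: //p' "$1" | tail -n 1
}

# find_source COMPILED.fw CANDIDATE.fwb...
# Prints every candidate whose content matches the recorded digest, so a
# renamed or moved copy of the policy file is still identified.
find_source() {
    want=$(recorded_hash "$1"); shift
    [ -n "$want" ] || return 1
    for f in "$@"; do
        [ "$(fwb_hash "$f")" = "$want" ] && printf '%s\n' "$f"
    done
    return 0
}
```

Matching on the digest rather than the recorded path also shows when a policy file was edited after the script was compiled: no candidate matches.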



Logging of NAT actions with ulogd, storing accounting info with ulogd

by Christof Kallfass

Dear list members,

I'm looking for a way to get the OrigSrc and OrigDest when NAT takes
place. Is it possible with ulogd to get this information in the mysql
db? Further I'm interested in getting accounting info into the same db?
Could this be achieved with ulog and if yes, how?

Thank you for your information.

Best regards

Christof



Wrong log of keepalived traffic

by Christof Kallfass

Dear list members,

I'm running FwBuilder V.2.1.19 and I set up a policy for keepalived
traffic that is logged suspicious. My real fw hosts have the following
ip addresses 10.0.1.10/192.168.178.10 and 10.0.1.20/192.168.178.20.
These are only host objects in the policy. The virtual fw, the fw that
runs the virtual ip addresses, has 10.0.1.100/192.168.178.100.

Keepalived is configured to use AH.

The policy looks like:
Rule 0: Src: FW Objects  Dest: FW Objects  Service: Any  Loopback IF  Don't Log
Rule 1: Src: Real Hosts  Dest: 224.0.0.0/24  Service: IP: 112/51 (vrrp/ah)  Log
Rule 2: Src: Virt. FW  Dest: 224.0.0.0/24  Service: IP: 112/51 (vrrp/ah)  Log

I assumed that Rule 1 is fired when the keepalived traffic is logged and
the logs show me the real host ips as source. I was surprised that Rule
2 is hit with this kind of traffic and I don't have a clue why.

Has anyone of the list had similar loggings especially of keepalived
traffic or has anyone an idea why the traffic is logged by rule 2? Is
there anything wrong with my policy?

Any hints are highly appreciated.

Thank you.

Best regards

Christof



Re: Wrong log of keepalived traffic

by Vadim Kurland


On Aug 28, 2008, at 1:36 PM, <christof.kallfass@...> wrote:

> Dear list members,
>
> I'm running FwBuilder V.2.1.19 and I set up a policy for keepalived
> traffic that is logged suspicious. My real fw hosts have the following
> ip addresses 10.0.1.10/192.168.178.10 and 10.0.1.20/192.168.178.20.
> These are only host objects in the policy. The virtual fw, the fw that
> runs the virtual ip addresses, has 10.0.1.100/192.168.178.100.
>
> Keepalived is configured to use AH.
>
> The policy looks like:
> Rule 0: Src: FW Objects  Dest: FW Objects  Service: Any  Loopback IF  Don't Log
> Rule 1: Src: Real Hosts  Dest: 224.0.0.0/24  Service: IP: 112/51 (vrrp/ah)  Log
> Rule 2: Src: Virt. FW  Dest: 224.0.0.0/24  Service: IP: 112/51 (vrrp/ah)  Log
>
> I assumed that Rule 1 is fired when the keepalived traffic is logged and
> the logs show me the real host ips as source. I was surprised that Rule
> 2 is hit with this kind of traffic and I don't have a clue why.
>
> Has anyone of the list had similar loggings especially of keepalived
> traffic or has anyone an idea why the traffic is logged by rule 2? Is
> there anything wrong with my policy?


What is the action setting in all these rules?

If rule 2 logs and rule 1 does not, then it means rule 2 matches and
rule 1 does not. These two rules have different addresses in source;
compare the source address in the log record with those in the rules.

--vk

