RE: Racks for sale

iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m owner --uid-owner root -j
LOG --log-prefix "Attempted ssh out by root! "
iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m owner --uid-owner root -j
DROP

Place log match before drop match. Now, logging this directly to a file
other than a catch all of syslog or whatever it is, I haven't done it yet
with iptables. Sorry my examples are weak, Monday rush...In your case play
with source, dest ports and ip matching...

hope it helps,
eddie

>From: "Chris Hamilton" <chris@digitalalaska.com>
>To: aklug@aklug.org
>Subject: Racks for sale
>Date: Mon, 05 Dec 2005 07:49:43 -0900
>
>2 Telecom racks (without trays). They are 8 feet tall. $100 for the both
>of them. I've also got a Cisco router that I'm willing to part with
>(cheap). Don't have the exact model at my fingertips, email me if you're
>interested.
>Also...
>
>Any tips on setting up IPtables to log a particular port's traffic to a log
>file? I'm looking to monitor (MS) terminal server connections at the
>firewall.
>
>Thanks
>
>Chris
>
>
>---------
>To unsubscribe, send email to <aklug-request@aklug.org>
>with 'unsubscribe' in the message body.
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Dec 5 11:20:35 2005