[Firehol-support] psad and firehol

Jerome BENOIT jgmbenoit at wanadoo.fr
Fri Dec 26 21:58:36 CET 2003


Hello List,

I have just written down my first FireHOL script:
my first trouble comes from psad: it emails the message:

  ** The INPUT chain in the iptables ruleset on _CHANGEME_ includes a
     default LOG rule for all protocols, but the rule does not have a log
     prefix of "DROP".  It appears as though the log prefix is set to
     "IN-unknown:".  psad will not be able to detect scans without adding
     --log-prefix "DROP" to the rule.


I have tried to put the following line in my script:

FIREHOL_LOG_OPTIONS="--log-prefix \"DROP\""

but I get an error message saying that iptables does not support
the same option twice.

Is there a clean way to satisfy psad?

Thanks in advance,
Jerome

PS:
Please CC your response to my email address
as I am not a member of the list, thanks.




