pavement

Talk:Firewall, Monitoring

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
 
(5 intermediate revisions by 2 users not shown)
Line 50: Line 50:
  
 
Thanks for getting back to me.
 
Thanks for getting back to me.
 +
 +
gaZooGA
 +
 +
== formatting errors ==
 +
 +
The wiki was automatically converting <nowiki>''</nowiki> to an attempt to italicize code, where I was using it in the script for the usual purpose - to represent a null string.  I added &lt;nowiki> tags to nerf the problem - grab a copy again and replace yours with it, and all should be well.
 +
 +
Hope you like the setup! --[[User:Jimbo|Jimbo]] 00:02, 17 Mar 2005 (EST)
 +
----
 +
 +
Thanks for that. The script now compiles fine. i set a chmod of the /var/log/security to 644 to allow the scipt to read it. I assume this is the correct command.
 +
 +
Thanks once again.
 +
 +
gaZooGA
 +
 +
== /var/log/security ownership/permissions ==
 +
 +
----
 +
That's correct - you need to either chmod /var/log/security 644 (and don't forget to update the permissions settings for it in /etc/newsyslog.conf or your change will get reset the next time the logs rotate!) or else change the ownership / group ownership of it to allow reading by the www user.
 +
 +
Of course, considering that www is the most commonly compromised system account (scripting vulnerabilities in hosted forums allowing write/execute is a VERY common form of webserver compromise), you might as well just mod it 644, 'cause really, if ANY uid is going to get sloppy it'll be www's. =)
 +
 +
--[[User:Jimbo|Jimbo]] 11:26, 17 Mar 2005 (EST)
 +
 +
----
 +
 +
 +
Thanks Heaps,was wondering why the monitor didn't load cause i didn't add it to newsyslog.conf. Your site has been heaps of help. Without it I wouldn't have got this far with FreeBSD.
 +
 +
Keep up the good work
  
 
gaZooGA
 
gaZooGA

Latest revision as of 23:03, 18 March 2005

Hi i was wondering how i make the file work.

i have managed to get it to run but am getting these errors with it:


[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] syntax error at /usr/local/www/cgi-bin/firewall.pl line 186, near "eq

[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] syntax error at /usr/local/www/cgi-bin/firewall.pl line 193, near "eq

[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] syntax error at /usr/local/www/cgi-bin/firewall.pl line 200, near "}"

[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] Execution of /usr/local/www/cgi-bin/firewall.pl aborted due to compil

[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] Premature end of script headers: firewall.pl


just wondering if you have an updated version of this file

thanks


gaZooGA

[edit] you're getting these errors how?


you know that that's a cgi script, not intended to be run from a command line, right? are you getting those errors from a browser when you try to browse into it, or...? --Jimbo 11:21, 16 Mar 2005 (EST)


Hi Sorry i should have given more information.

I am getting the errors from the browser. The error logs are from apache2 httpd. If I put a numerical value like 1 after the eq's:

               unless ($log[$loop][6] eq 1 ) { <-----This line
                       print "<tr>\n";
                       for ($element=0; $element<12; $element++) {
                               unless ($element eq 2) {print $bodycellbegin . $log[$loop][$element] . $bodycellend;}
                               if ($host_lookups * ($element eq 6)) {
                                       my $hostname = `$dig_cmd $log[$loop][6] $dig_opts`;
                                       if (($hostname =~ m/\<\<\>\>/) + ($hostname eq 1 )) {$hostname = ' ';} <-----And this line

the script compliles and runs but only prints the tops of the tables.

here is the link http://rarm.gazooga.net/cgi-bin/firewall.pl

so i am just wondering what to put afte the two eq statements.

unless ($log[$loop][6] eq ) & if (($hostname =~ m/\<\<\>\>/) + ($hostname eq 1 )) {$hostname = ' ';}

Thanks for getting back to me.

gaZooGA

[edit] formatting errors

The wiki was automatically converting '' to an attempt to italicize code, where I was using it in the script for the usual purpose - to represent a null string. I added <nowiki> tags to nerf the problem - grab a copy again and replace yours with it, and all should be well.

Hope you like the setup! --Jimbo 00:02, 17 Mar 2005 (EST)


Thanks for that. The script now compiles fine. i set a chmod of the /var/log/security to 644 to allow the scipt to read it. I assume this is the correct command.

Thanks once again.

gaZooGA

[edit] /var/log/security ownership/permissions


That's correct - you need to either chmod /var/log/security 644 (and don't forget to update the permissions settings for it in /etc/newsyslog.conf or your change will get reset the next time the logs rotate!) or else change the ownership / group ownership of it to allow reading by the www user.

Of course, considering that www is the most commonly compromised system account (scripting vulnerabilities in hosted forums allowing write/execute is a VERY common form of webserver compromise), you might as well just mod it 644, 'cause really, if ANY uid is going to get sloppy it'll be www's. =)

--Jimbo 11:26, 17 Mar 2005 (EST)



Thanks Heaps,was wondering why the monitor didn't load cause i didn't add it to newsyslog.conf. Your site has been heaps of help. Without it I wouldn't have got this far with FreeBSD.

Keep up the good work

gaZooGA

Personal tools