Talk:Firewall, Monitoring
Hi i was wondering how i make the file work.
i have managed to get it to run but am getting these errors with it:
[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] syntax error at /usr/local/www/cgi-bin/firewall.pl line 186, near "eq
[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] syntax error at /usr/local/www/cgi-bin/firewall.pl line 193, near "eq
[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] syntax error at /usr/local/www/cgi-bin/firewall.pl line 200, near "}"
[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] Execution of /usr/local/www/cgi-bin/firewall.pl aborted due to compil
[Wed Mar 16 22:30:17 2005] [error] [client 192.168.0.2] Premature end of script headers: firewall.pl
just wondering if you have an updated version of this file
thanks
gaZooGA
you're getting these errors how?
you know that that's a cgi script, not intended to be run from a command line, right? are you getting those errors from a browser when you try to browse into it, or...? --Jimbo 11:21, 16 Mar 2005 (EST)
Hi Sorry i should have given more information.
I am getting the errors from the browser. The error logs are from apache2 httpd. If I put a numerical value like 1 after the eq's:
unless ($log[$loop][6] eq 1 ) { <-----This line print "<tr>\n";
for ($element=0; $element<12; $element++) { unless ($element eq 2) {print $bodycellbegin . $log[$loop][$element] . $bodycellend;} if ($host_lookups * ($element eq 6)) { my $hostname = `$dig_cmd $log[$loop][6] $dig_opts`; if (($hostname =~ m/\<\<\>\>/) + ($hostname eq 1 )) {$hostname = ' ';} <-----And this line
the script compliles and runs but only prints the tops of the tables.
here is the link http://rarm.gazooga.net/cgi-bin/firewall.pl
so i am just wondering what to put afte the two eq statements.
unless ($log[$loop][6] eq ) & if (($hostname =~ m/\<\<\>\>/) + ($hostname eq 1 )) {$hostname = ' ';}
Thanks for getting back to me.
gaZooGA
formatting errors
The wiki was automatically converting '' to an attempt to italicize code, where I was using it in the script for the usual purpose - to represent a null string. I added <nowiki> tags to nerf the problem - grab a copy again and replace yours with it, and all should be well.
Hope you like the setup! --Jimbo 00:02, 17 Mar 2005 (EST)
Thanks for that. The script now compiles fine. i set a chmod of the /var/log/security to 644 to allow the scipt to read it. I assume this is the correct command.
Thanks once again.
gaZooGA
/var/log/security ownership/permissions
That's correct - you need to either chmod /var/log/security 644 (and don't forget to update the permissions settings for it in /etc/newsyslog.conf or your change will get reset the next time the logs rotate!) or else change the ownership / group ownership of it to allow reading by the www user.
Of course, considering that www is the most commonly compromised system account (scripting vulnerabilities in hosted forums allowing write/execute is a VERY common form of webserver compromise), you might as well just mod it 644, 'cause really, if ANY uid is going to get sloppy it'll be www's. =)
--Jimbo 11:26, 17 Mar 2005 (EST)