What's new

Firewall log location

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jeff288

Regular Contributor
Is there some way to change this to store on my onboard microsd card? And holy crap, I turned on the firewall for dropped packets and I never noticed just how many devices/people come knocking at your door uninitiated.
 
I know. I decided to turn on logging the other day and it's unreal, multiple attemps every second from random IPs knocking at the door, mostly telnet attempts. Is there an easy way of just blocking all non-American inbound uninitiated IPs and not log them so it's not filling up the log qeue?
 
Good question, I would personally prefer thall all logs be stored on my USB stick plugged in my router.

I'll update in case someone has the same question. Copy this and name it post-mount, put it in /jffs/scripts and chmod +x to make it executable. Also might want to use notepad++ and save as unix file or use the now embedded nano editor to make sure it saves in compatible format:

Code:
#!/bin/sh
killall syslogd
rm /tmp/syslog.log
syslogd -O /mnt/Router/syslogs/syslog.log -s 256 -l 7

Last line is usb, change as appropriate for your location. -s is the file size before rotation and -l is the verbosity. The -b option for # of logs doesn't allow for more than one, it seems. And unfortunately you won't see the syslog in the GUI but you can add:

Code:
ln -s /mnt/Router/syslogs/syslog.log /tmp/syslog.log

This thread was of help. Sorry to bump this thread again, thought it might be helpful to someone else.
 
Last edited:
I wonder of it would be possible to install failtoban on these routers?
I've used it on several Tor servers over the years and it's a great program to help keep the bad guys out.
 
fail2ban requires Python, which is a pretty large environment. You'd have to see if all the necessary dependencies could be installed from Optware.
 
It looks like python 3.5.1-4 is available.
"This package contains the (almost) full Python install. It's python3-light + all other packages."
Fail2ban just requires > 2.6
Then it seems to be just a matter of downloading the tarball and installing it.

"The code has been completely rewritten since 0.6.x. Fail2ban is entirely written in Python and thus should work on most of the *nix systems."
I think I'll give it a go.
 
I'll update in case someone has the same question. Copy this and name it post-mount, put it in /jffs/scripts and chmod +x to make it executable. Also might want to use notepad++ and save as unix file or use the now embedded nano editor to make sure it saves in compatible format:

Code:
#!/bin/sh
killall syslogd
rm /tmp/syslog.log
syslogd -O /mnt/Router/syslogs/syslog.log -s 256 -l 7

Last line is usb, change as appropriate for your location. -s is the file size before rotation and -l is the verbosity. The -b option for # of logs doesn't allow for more than one, it seems. And unfortunately you won't see the syslog in the GUI but you can add:

Code:
ln -s /mnt/Router/syslogs/syslog.log /tmp/syslog.log

This thread was of help. Sorry to bump this thread again, thought it might be helpful to someone else.

Thanks for posting this. Still I wonder what's the use to you doing it this way?
Log rotation doesn't work, you said. And through my findings, nor does increasing the log size.
So compared to the original situation there are not more logs to view this way.
Or did you find a way (Without running opt ware) to accumulate all logs until the given size of your usb drive is reached and make it rotate in any way?
Thanks
 
Last edited:
It looks like python 3.5.1-4 is available.
"This package contains the (almost) full Python install. It's python3-light + all other packages."
Fail2ban just requires > 2.6
Then it seems to be just a matter of downloading the tarball and installing it.

"The code has been completely rewritten since 0.6.x. Fail2ban is entirely written in Python and thus should work on most of the *nix systems."
I think I'll give it a go.
Please, did you manage to install it? It works also for port 21 FTP? Many thanks!
 
So maybe Merlin can add this feature into future releases? :)
The implementation could be quite similar to traffic stats logs.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top