http://www.rtek2000.com/Tech/I-SecureLinks4.html
Best regards, Roman M. Zeltser, @National Computer Center DPCMB/DOCPM, RSIS Information Security Index -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Xiaodong Lin Sent: Wednesday, January 12, 2005 10:30 AM To: [email protected] Subject: Re: [FW-1] Getting logs in ascii format using loggrabber Try Lire http://www.logreport.org/ -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Alexander Simbun Sent: Tuesday, January 11, 2005 9:56 PM To: [email protected] Subject: Re: [FW-1] Getting logs in ascii format using loggrabber Hi, Finally able to figure out the fw1-loggrabber configuration! It's working right now! Anyway, any alternative open source software that could generate reports from the logs generated by fw1-loggrabber? Regards, Alex ----- Original Message ----- From: "Alexander Simbun" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Wednesday, January 12, 2005 7:20 AM Subject: Re: [FW-1] Getting logs in ascii format using loggrabber > Hi, > Sorry still confused...which part of firewall should I > configured the fwopsec.conf at? Management server or the enforcement > (firewall) itself? > I configured the fwopsec.conf at management server instead of > enforcement > (firewall) server. Sorry for a lame question. > > Regards, > Alex > > > ----- Original Message ----- > From: "Xiaodong Lin" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: Wednesday, January 12, 2005 3:16 AM > Subject: Re: [FW-1] Getting logs in ascii format using loggrabber > > >> Alex, >> >> For the sake of simplicity, I give a clear text communication mode. >> In this case, you have to modify the section of LEA as shown as follows: >> >> # The VPN-1/FireWall-1 default settings are: >> # >> # sam_server auth_port 18183 >> # sam_server port 0 >> # >> lea_server auth_port 0 >> lea_server port 18184 >> # >> # ela_server auth_port 18187 >> # ela_server port 0 >> # >> # cpmi_server auth_port 18190 >> # >> # uaa_server auth_port 19191 >> # uaa_server port 0 >> # >> >> Also, you have to restart your fw daemon as for the new conf. >> >> For the lea.conf, you have to mention ip and port for the lea server >> service, and the following is an example for the clear text mode: >> >> lea_server ip 192.168.0.1 >> lea_server port 18184 >> >> Where 18184 is the default lea service port. >> >> If this still doesn't work, you may have to turn on the debug, and >> send me the output, and I will take a look at it. For howto of >> turning on the debug, you may go to project website and take a look >> at my post in FAQ of fw1-loggrabber. >> >> You may install fw1-loggrabber at the same management server. What is >> the platform of CK management server? >> >> Regards, >> >> Xiaodong >> >> >> >> -----Original Message----- >> From: Mailing list for discussion of Firewall-1 >> [mailto:[EMAIL PROTECTED] On Behalf Of >> Alexander Simbun >> Sent: Tuesday, January 11, 2005 11:15 AM >> To: [email protected] >> Subject: Re: [FW-1] Getting logs in ascii format using loggrabber >> >> Hi, >> I had configured the fw1-loggrabber 1.11 on my management >> server plus the OPSEC configuration, but I still can't get the output result. >> Anyway, my question is which part that I should configure the >> fwopsec.conf at? Management server or enforcement module? My firewall >> configuration is in cluster HA/LoadBalance mode, so I'm not sure how >> to configure OPSEC for fw1-loggrabber module. Is it able to install >> fw1-loggrabber at the same management server? >> >> Thanks very much. >> >> Regards, >> Alex >> >> >> >> ----- Original Message ----- >> From: "Xiaodong Lin" <[EMAIL PROTECTED]> >> To: <[email protected]> >> Sent: Tuesday, January 11, 2005 9:55 PM >> Subject: Re: [FW-1] Getting logs in ascii format using loggrabber >> >> >>> Alex, >>> >>> Besides the configuration of CP FW-1, you have to configure two conf >>> files of fw1-loggrabber, i.e. fw1-loggrabber.conf and lea.conf, if >>> you >> >>> use the latest fw1-loggrabber release, fw1-loggrabber 1.11. For the >>> detail of howto, you could take a look at fw1-loggrabber.html inside >>> the release. This should give u a good start. >>> >>> Regards, >>> >>> Xiaodong >>> >>> -----Original Message----- >>> From: Mailing list for discussion of Firewall-1 >>> [mailto:[EMAIL PROTECTED] On Behalf Of >>> Alexander Simbun >>> Sent: Monday, January 10, 2005 11:18 PM >>> To: [email protected] >>> Subject: [FW-1] Getting logs in ascii format using loggrabber >>> >>> Dear all, >>> Anyone here did or currently use FW1-Loggrabber for >>> getting the FW-1 logs in to ASCII format logs? I'm interested to use >>> FW1-Loggrabber in order to convert our existing FW1 logs file (in >>> binary >>> format) into human readable form of logs for our analysis. Any >>> sample or example that I could refer to on how to setup this open >>> source software including how to extract the logs? Please guide me. >>> Thanks >> very much. >>> >>> Regards, >>> Alex >>> >>> ================================================= >>> To set vacation, Out-Of-Office, or away messages, send an email to >>> [EMAIL PROTECTED] >>> in the BODY of the email add: >>> set fw-1-mailinglist nomail >>> ================================================= >>> To unsubscribe from this mailing list, please see the instructions >>> at http://www.checkpoint.com/services/mailing.html >>> ================================================= >>> If you have any questions on how to change your subscription >>> options, email [EMAIL PROTECTED] >>> ================================================= >>> >>> ================================================= >>> To set vacation, Out-Of-Office, or away messages, send an email to >>> [EMAIL PROTECTED] >>> in the BODY of the email add: >>> set fw-1-mailinglist nomail >>> ================================================= >>> To unsubscribe from this mailing list, please see the instructions >>> at http://www.checkpoint.com/services/mailing.html >>> ================================================= >>> If you have any questions on how to change your subscription >>> options, email [EMAIL PROTECTED] >>> ================================================= >> >> ================================================= >> To set vacation, Out-Of-Office, or away messages, send an email to >> [EMAIL PROTECTED] >> in the BODY of the email add: >> set fw-1-mailinglist nomail >> ================================================= >> To unsubscribe from this mailing list, please see the instructions at >> http://www.checkpoint.com/services/mailing.html >> ================================================= >> If you have any questions on how to change your subscription options, >> email [EMAIL PROTECTED] >> ================================================= >> >> ================================================= >> To set vacation, Out-Of-Office, or away messages, send an email to >> [EMAIL PROTECTED] >> in the BODY of the email add: >> set fw-1-mailinglist nomail >> ================================================= >> To unsubscribe from this mailing list, please see the instructions at >> http://www.checkpoint.com/services/mailing.html >> ================================================= >> If you have any questions on how to change your subscription options, >> email [EMAIL PROTECTED] >> ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an email to > [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription options, > email [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
