Hello Larry, Tom, Michael and others > Hello Eric, Jacques and list: > > I would think for most people that either remove the fields or > have a cron job running would work. My choice would that setup up a cron > job to run every 10 minutes or maybe 30 minutes. > I do like to check on how much data is going through the firewall and > what rules are doing. I would rather use the webpage rather than logging > into the firewall. If you are in a "safe " environment you can use the routerst.lrp discussed in the list for some time. This is a small weblet which allows you to run commands on your router and present them to a browser. As this script runs as root, you just have to add iptables -L -n or whatever you like and you get the rules presented to your internal net. I use it f.e to hangup and dial a connection.
I think about the other suggestions too. my priority at the moment lies however in getting isdn running. greetings Eric Wolzak http://leaf.sf.net/devel/ericw > On Eigerstein I also show the line numbers of the > rules, it shoulds beats count rules to find rule 43. > > Larry Platzek [EMAIL PROTECTED] > > > On Sun, 27 Jan 2002, Eric Wolzak wrote: > > > Date: Sun, 27 Jan 2002 11:40:02 +0100 > > From: Eric Wolzak <[EMAIL PROTECTED]> > > To: Jacques Nilo <[EMAIL PROTECTED]>, > > Larry Platzek <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > > Subject: Re: [Leaf-user] Leaf 2.4.16 view firewall rules > > > > Hello Larry, Jacques ,list > > > > Larry Jacques allready answered your question, but just to explain > > why this is done. > > > > Is it just my copy view firewall rules that only has zero for packacts > > > and > > > > bytes fields? > > > > > > Ok. So it's because you are viewing your firewall rules through weblet. > > > When Shorewall is started, the following /etc/shorewall/start script is > > > executed. > > > <BOF> > > > shorewall show >/var/sh-www/data/firewall > > > chown sh-httpd.adm /var/sh-www/data/firewall > > > shorewall show nat >/var/sh-www/data/masq > > > chown sh-httpd.adm /var/sh-www/data/masq > > > <EOF> > > > the firewall & masq files are the one you see through weblet > > > Since this is executed at the very begining of the session it is normal > > > that you find zeros for packects and bytes fields. > > As root you can do iptables -L ....etc. > > or using shorewall shorewall show which is in effect the same. > > > > The problem with the weblet is that weblet runs as a non-privileged > > user and so is not allowed to execute iptables. > > > > To be able to view the rules anyway, i decided to use a "dump" of > > the firewall rules by the firewall script at the end of the startup. > > And then change the permissions of this file. > > You could alternatively ofcours let weblet run as root (security item) > > or call the shorewall show by a cron job. > > Perhaps I should filter the number of bytes and packages out to > > avoid the confusion. > > > > > > Greetings Eric Wolzak > > http://leaf.sf.net/devel/ericw > > > > > > > > _______________________________________________ > > Leaf-user mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
