Hello Eric, Tom, Michael and others: I had forgotten about routrst.lrp I will check it out. Does version 2 run as root? Is routertst "safe" if I trust the people on the local network?
I think ISDN will have more people enjoying your work on that than Weblet modification. Larry Platzek [EMAIL PROTECTED] On Sun, 27 Jan 2002, Eric Wolzak wrote: > Date: Sun, 27 Jan 2002 22:29:46 +0100 > From: Eric Wolzak <[EMAIL PROTECTED]> > To: Larry Platzek <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > Subject: Re: [Leaf-user] Leaf 2.4.16 view firewall rules > > Hello Larry, Tom, Michael and others > > Hello Eric, Jacques and list: > > > > I would think for most people that either remove the fields or > > have a cron job running would work. My choice would that setup up a cron > > job to run every 10 minutes or maybe 30 minutes. > > I do like to check on how much data is going through the firewall and > > what rules are doing. I would rather use the webpage rather than logging > > into the firewall. > If you are in a "safe " environment you can use the routerst.lrp > discussed in the list for some time. > This is a small weblet which allows you to run commands on your > router and present them to a browser. As this script runs as root, > you just have to add iptables -L -n or whatever you like and you get > the rules presented to your internal net. I use it f.e to hangup and > dial a connection. > > I think about the other suggestions too. > my priority at the moment lies however in getting isdn running. > > greetings > Eric Wolzak > http://leaf.sf.net/devel/ericw > > > > On Eigerstein I also show the line numbers of the > > rules, it shoulds beats count rules to find rule 43. > > > > Larry Platzek [EMAIL PROTECTED] > > > > > > On Sun, 27 Jan 2002, Eric Wolzak wrote: > > > > > Date: Sun, 27 Jan 2002 11:40:02 +0100 > > > From: Eric Wolzak <[EMAIL PROTECTED]> > > > To: Jacques Nilo <[EMAIL PROTECTED]>, > > > Larry Platzek <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > > > Subject: Re: [Leaf-user] Leaf 2.4.16 view firewall rules > > > > > > Hello Larry, Jacques ,list > > > > > > Larry Jacques allready answered your question, but just to explain > > > why this is done. > > > > > Is it just my copy view firewall rules that only has zero for packacts > > > > and > > > > > bytes fields? > > > > > > > > Ok. So it's because you are viewing your firewall rules through weblet. > > > > When Shorewall is started, the following /etc/shorewall/start script is > > > > executed. > > > > <BOF> > > > > shorewall show >/var/sh-www/data/firewall > > > > chown sh-httpd.adm /var/sh-www/data/firewall > > > > shorewall show nat >/var/sh-www/data/masq > > > > chown sh-httpd.adm /var/sh-www/data/masq > > > > <EOF> > > > > the firewall & masq files are the one you see through weblet > > > > Since this is executed at the very begining of the session it is normal > > > > that you find zeros for packects and bytes fields. > > > As root you can do iptables -L ....etc. > > > or using shorewall shorewall show which is in effect the same. > > > > > > The problem with the weblet is that weblet runs as a non-privileged > > > user and so is not allowed to execute iptables. > > > > > > To be able to view the rules anyway, i decided to use a "dump" of > > > the firewall rules by the firewall script at the end of the startup. > > > And then change the permissions of this file. > > > You could alternatively ofcours let weblet run as root (security item) > > > or call the shorewall show by a cron job. > > > Perhaps I should filter the number of bytes and packages out to > > > avoid the confusion. > > > > > > > > > Greetings Eric Wolzak > > > http://leaf.sf.net/devel/ericw > > > > > > > > > > > > _______________________________________________ > > > Leaf-user mailing list > > > [EMAIL PROTECTED] > > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > > > > > > > _______________________________________________ > > Leaf-user mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
