web monitor for iptables
Paul
jpb at entel.ca
Wed Nov 4 18:37:39 UTC 2009
Mohammad Ammad Shah wrote:
> Hi gurus,
>
>
>
> I am logging all internet traffic using IPtables, since its a ascii file and hard to get details. Is there a good tool for iptables and RHEL to have nice web interface and deatil options for reporting like (http://www.gege.org/iptables/), but it didn't worked on RHEL or like Smoothwall.
>
>
>
> In my work domain all employes are are IT s/w engineers. i have blocked downloading using squid. but still they are using other ways (firefox plugins) and other tricks, which make me trouble to identify the cluprit.
>
>
> Thanks,
> Mohammad Ammad Shah
>
You could drop a snort box between the firewall and the internal network
(or better yet use the snort box as your firewall) and use the snort
reporting tools to track user activity. This would also allow you to use
some of the prevention features of the package as well as monitoring and
reporting.
Cheers,
--
Paul
More information about the redhat-list
mailing list