What program do you use to log IP addresses? - Slackware


Thread: What program do you use to log IP addresses?

  1. What program do you use to log IP addresses?

    What program do you use to log ip addresses that
    connect to your server?

    Thanks,

    S.

  2. Re: What program do you use to log IP addresses?

    On Wed, 03 Oct 2007 09:57:40 -0500, samson wrote:

    > What program do you use to log ip addresses that connect to your server?


    Using which protocol(s)?

  3. Re: What program do you use to log IP addresses?

    On Wed, 3 Oct 2007, samson wrote:

    > What program do you use to log ip addresses that
    > connect to your server?
    >


    I use "iptables -j LOG" to log certain stuff to /var/log/syslog.

    One could use this with "-m state --state NEW" to limit this to
    only new connections. Other iptables options can be used to make
    this very specific (e.g., certain ports, certain interfaces, etc.).

    It all depends on just what you want to track, and why.

    HTH
    --
    William Hunt, Portland Oregon USA
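
The approach in the reply above, as an added example that is not part of the original post: a LOG rule for new TCP connections, plus a summary of the source addresses it records. The `NEWCONN: ` prefix, the function names and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Tag for our LOG lines so they can be picked out of syslog (assumed name;
# iptables limits --log-prefix to 29 characters).
LOG_PREFIX="NEWCONN: "

# Needs root, so it is defined here but not called. LOG is a non-terminating
# target: the packet carries on to the following rules after being logged.
install_log_rule() {
    iptables -A INPUT -p tcp -m state --state NEW \
        -j LOG --log-prefix "$LOG_PREFIX"
}

# Constructed sample of what the kernel writes for such a rule, with one
# unrelated sshd line mixed in. Addresses are documentation ranges.
sample_log() {
cat <<'EOF'
Oct  3 22:50:01 host1 kernel: NEWCONN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 22:50:04 host1 kernel: NEWCONN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=51515 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 22:50:09 host1 kernel: NEWCONN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=9001 DF PROTO=TCP SPT=40022 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  3 22:50:10 host1 sshd[2211]: Failed password for root from 192.0.2.10 port 51514 ssh2
Oct  3 22:50:12 host1 kernel: NEWCONN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4713 DF PROTO=TCP SPT=51516 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

# Read syslog text on stdin; print "count source-ip dest-port", busiest first.
summarize_new_conns() {
    awk -v prefix="$LOG_PREFIX" '
        index($0, prefix) {
            src = ""; dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "") count[src " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,2
}

# Demo on the constructed sample; on a real host: summarize_new_conns < /var/log/syslog
sample_log | summarize_new_conns
```
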

  4. Re: What program do you use to log IP addresses?

    On Wed, 3 Oct 2007, samson wrote:

    s> What program do you use to log ip addresses that
    s> connect to your server?
    s>


    Don't your servers write their own logs??

    ==> /var/log/apache/access_log <==
    81.187.211.35 - - [03/Oct/2007:22:43:57 +0100] "GET /PomadeCallingHome
    HTTP/1.1" 404 295 "-" "curl/7.10.2 (powerpc-apple-darwin7.0)
    libcurl/7.10.2 OpenSSL/0.9.7l zlib/1.1.4"
    217.212.224.143 - - [03/Oct/2007:22:44:08 +0100] "GET
    /2005/RachelStephen.September/tn/p9101620.jpg.index.html HTTP/1.0" 200
    3599 "-" "psbot/0.1 (+http://www.picsearch.com/bot.html)"

    ==> /var/log/named/bind.log <==
    03-Oct-2007 22:44:57.792 queries: info: client 127.0.0.1#43717: query:
    78.124.210.208.in-addr.arpa IN PTR +
    03-Oct-2007 22:44:57.793 queries: info: client 127.0.0.1#43717: query:
    lollipop.listbox.com IN A +
    03-Oct-2007 22:44:58.017 queries: info: client 127.0.0.1#43717: query:
    jeeves.archives.listbox.com IN A +

    ==> /var/log/maillog <==
    Oct 3 22:07:04 malander milter-greylist: l93L7486023959: addr
    lollipop.listbox.com[208.210.124.78] from

    to delayed for 00:05:00 (ACL 129)
    Oct 3 22:07:04 malander sm-mta[23959]: l93L7486023959: Milter:
    to=, reject=451 4.7.1 Greylisting in action, please
    come back later
    Oct 3 22:07:04 malander sm-mta[23959]: l93L7486023959:
    from=,
    size=4730, class=0, nrcpts=0, proto=ESMTP, daemon=MTA,
    relay=lollipop.listbox.com [208.210.124.78]


    --
    Alan

    ( If replying by mail, please note that all "sardines" are canned.
    However, unless this is a very old message, a "tuna" will swim right
    through. )

