i"d like to ask, what is the best method, to log and send(email or syslog server) router logins attempts (succeed and unsuccefull too) and how could i log who did use specific ports like: 1723,3389(from wan side
)Thank you in andvance!
Daniel
Loggin
Dear Community,
i"d like to ask, what is the best method, to log and send(email or syslog server) router logins attempts (succeed and unsuccefull too) and how could i log who did use specific ports like: 1723,3389(from wan side )
Thank you in andvance!
Daniel
i"d like to ask, what is the best method, to log and send(email or syslog server) router logins attempts (succeed and unsuccefull too) and how could i log who did use specific ports like: 1723,3389(from wan side
)Thank you in andvance!
Daniel
Re: Loggin
I could solve the login attempts, but how could i get a log to an external server that there was traffic on RDP/VPN (1723,3389,etc..) and from which public ip it came? Thank you in adnvace
Re: Loggin
You have to add rules with action=log, protocol=tcp and dst-port=<list of ports on which the services you are interested in listen> to the firewall filter chains input and forward, right after the initial "accept related, established" rule. Another such rule for services listening on UDP ports. Then you set logging to write firewall,info messages to the required logging channel.
Re: Loggin
I've got it, thank you for your reply, Sindy! (again, you helpd me out, thank you)You have to add rules with action=log, protocol=tcp and dst-port=<list of ports on which the services you are interested in listen> to the firewall filter chains input and forward, right after the initial "accept related, established" rule. Another such rule for services listening on UDP ports. Then you set logging to write firewall,info messages to the required logging channel.