{"id":6,"date":"2006-08-09T00:14:53","date_gmt":"2006-08-08T15:14:53","guid":{"rendered":"http:\/\/qos.mine.nu\/wordpress\/?p=6"},"modified":"2006-08-09T00:14:53","modified_gmt":"2006-08-08T15:14:53","slug":"iptables-log-analyzer-1","status":"publish","type":"post","link":"https:\/\/qos.dev7.net\/wordpress\/2006\/08\/iptables-log-analyzer-1.html","title":{"rendered":"IPTables log analyzer"},"content":{"rendered":"<div id=\"wppda_alert\">\u3053\u306e\u8a18\u4e8b\u306f\uff12\u5e74\u4ee5\u4e0a\u524d\u306b\u66f8\u3044\u305f\u3082\u306e\u3067\u3059\u3002<br\/>\r\n\u305d\u306e\u305f\u3081\u60c5\u5831\u304c\u53e4\u3044\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3054\u4e86\u627f\u304f\u3060\u3055\u3044\u3002m(_ _)m<\/div><p>iptables\u3067\u30ed\u30b0\u3092\u5410\u304f\u3088\u3046\u306b\u3057\u3066\u3044\u308b\u3051\u3069\u3001\u591a\u3059\u304e\u308b\u306e\u3067\u89e3\u6790\u3059\u308b\u306e\u5927\u5909\u3002<br \/>\n\u3067\u3001IPTables log analyzer\u3092\u5165\u308c\u3066\u307f\u307e\u3057\u305f\u3002<br \/>\n% tar zxvfp iptables_logger_v0.4.tar.gz<br \/>\n% cd iptables<br \/>\n% view doc\/faq.html <strong>\u2190 \u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u65b9\u6cd5\u304c\u66f8\u3044\u3066\u3042\u308b<\/strong><br \/>\n% mysql -u root -p<br \/>\nmysql> create database iptables;<br \/>\nQuery OK, 1 row affected (0.00 sec)<br \/>\n<strong>&#8212; \u7ba1\u7406\u8005\u30e6\u30fc\u30b6\u4f5c\u6210<\/strong><br \/>\nmysql> grant create,select,insert on iptables.* to iptables_admin@localhost identified  by 'iptables_admin_password';<br \/>\nQuery OK, 0 rows affected (0.01 sec)<br \/>\n<strong>&#8212; \u4e00\u822c\u30e6\u30fc\u30b6\u4f5c\u6210<\/strong><br \/>\nmysql> grant select on iptables.* to iptables_user@localhost identified by 'iptables_user_password';<br \/>\nQuery OK, 0 rows affected (0.00 sec)<br \/>\n<strong>&#8212; \u4e00\u822c\u30e6\u30fc\u30b6\u306e\u53c2\u7167\u6a29\u8ffd\u52a0<\/strong><br \/>\nmysql> grant create temporary tables 
on iptables.* to iptables_user@localhost identified by 'iptables_user_password';<br \/>\nQuery OK, 0 rows affected (0.00 sec)<br \/>\nmysql> quit<br \/>\n% cat sql\/db.sql | mysql -u iptables_admin -p iptables<br \/>\n% su<br \/>\n<strong># iptables\u306e\u53e9\u304d\u65b9\u306ffaq\u306b\u66f8\u3044\u3066\u3042\u3063\u305f\u307e\u307e\u3002<\/strong><br \/>\n# iptables -t nat -A PREROUTING -p tcp --dport 0:1024 -j LOG --log-tcp-options --log-ip-options --log-prefix '[IPTABLES DROP] : '<br \/>\n# iptables -t nat -A PREROUTING -p udp --dport 0:1024 -j LOG --log-tcp-options --log-ip-options --log-prefix '[IPTABLES DROP] : '<br \/>\n# cp -pr web \/var\/www\/iptables<br \/>\n<strong># php\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u5909\u66f4<\/strong><br \/>\n# vi \/var\/www\/iptables\/config.php<br \/>\n32 # Password of the MySQL database<br \/>\n33 $db_password=&quot;iptables_user_password&quot;;<br \/>\n:<br \/>\n:<br \/>\n38 # URL Path to your installation<br \/>\n39 $url_base=&quot;\/iptables\/&quot;;<br \/>\n:<br \/>\n:<br \/>\n41 #debug mode<br \/>\n42 $debug=0;<br \/>\n# \u30ed\u30b0\u53ce\u96c6\u30c7\u30fc\u30e2\u30f3(?)\u306e\u8a2d\u5b9a\u3092\u5909\u66f4<br \/>\n# vi scripts\/feed_db.pl<br \/>\n37 my $db_password = 'iptables_admin_password';<br \/>\n38 my $log_file = '\/var\/log\/messages';<br \/>\n# cp -p scripts\/feed_db.pl \/usr\/local\/bin\/<br \/>\n<strong># scripts\/iptablelog\u304cvine\u7528\u3067\u306a\u304b\u3063\u305f\u305f\u3081\u3001\u30d1\u30c3\u30c1\u3092\u4f5c\u6210\u3057\u3066\u5f53\u3066\u308b\u3002<\/strong><br \/>\n# cat iptablelog.patch<br \/>\ndiff -Naur scripts\/iptablelog.org scripts\/iptablelog<br \/>\n&#8212; scripts\/iptablelog.org      2006-08-08 23:24:06.000000000 +0900<br \/>\n+++ scripts\/iptablelog  2006-08-08 23:22:13.000000000 +0900<br \/>\n@@ -12,6 +12,10 @@<br \/>\nLONGNAME=&#8221;iptables logfile analyzer&#8221;<br 
\/>\nNAME=&#8221;iptablelog&#8221;<br \/>\nDAEMON=&#8217;\/usr\/local\/bin\/feed_db.pl&#8217;<br \/>\n+pid=\/var\/run\/$NAME.pid<br \/>\n+<br \/>\n+. \/etc\/rc.d\/init.d\/functions<br \/>\n+. \/etc\/sysconfig\/network<br \/>\nset -e<br \/>\n@@ -19,12 +23,12 @@<br \/>\ncase $1 in<br \/>\nstart)<br \/>\necho -n &#8220;Starting $LONGNAME: &#8220;;<br \/>\n&#8211;      start-stop-daemon &#8211;start &#8211;quiet &#8211;pidfile \/var\/run\/$NAME.pid &#8211;exec $DAEMON &#8212; &#8211;background<br \/>\n&#8211;      echo $NAME;<br \/>\n+         $DAEMON &#8211;background<br \/>\n+      echo<br \/>\n;;<br \/>\nstop)<br \/>\necho -n &#8220;Stopping $LONGNAME: &#8221;<br \/>\n&#8211;      start-stop-daemon &#8211;stop &#8211;quiet &#8211;pidfile \/var\/run\/$NAME.pid || true<br \/>\n+         kill `cat $pid`<br \/>\nrm -f \/var\/run\/$NAME.pid<br \/>\necho $NAME<br \/>\n;;<br \/>\n# patch -p0 < iptablelog.patch\n# cp -p scripts\/iptablelog \/etc\/init.d\/\n<strong># Apache\u518d\u8d77\u52d5<\/strong><br \/>\n# \/etc\/init.d\/iptablelog start<br \/>\n\u2193\u30b9\u30af\u30ea\u30fc\u30f3\u30b7\u30e7\u30c3\u30c8<br \/>\n<a href=\"\/upload\/iptables_logana.png\"><img loading=\"lazy\" decoding=\"async\" alt=\"iptables_logana.png\" src=\"\/upload\/iptables_logana.png\" width=\"400\" height=\"300\" \/><\/a><br \/>\n\u5fae\u5999\u306b\u5931\u6557\u3057\u3066\u308b\u6c17\u304c\u3002\u3002\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u3053\u306e\u8a18\u4e8b\u306f\uff12\u5e74\u4ee5\u4e0a\u524d\u306b\u66f8\u3044\u305f\u3082\u306e\u3067\u3059\u3002 \u305d\u306e\u305f\u3081\u60c5\u5831\u304c\u53e4\u3044\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3054\u4e86\u627f\u304f\u3060\u3055\u3044\u3002m(_ _)miptables\u3067\u30ed\u30b0\u3092\u5410\u304f\u3088\u3046\u306b\u3057\u3066\u3044\u308b\u3051\u3069\u3001\u591a\u3059\u304e\u308b\u306e\u3067\u89e3\u6790\u3059\u308b\u306e\u5927\u5909\u3002 \u3067\u3001IPTables log ana &hellip; <a 
href=\"https:\/\/qos.dev7.net\/wordpress\/2006\/08\/iptables-log-analyzer-1.html\">\u7d9a\u304d\u3092\u8aad\u3080 <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[29,33,76,28],"class_list":["post-6","post","type-post","status-publish","format-standard","hentry","category-auafafcc","tag-apache","tag-iptables","tag-network","tag-php"],"_links":{"self":[{"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/posts\/6","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/comments?post=6"}],"version-history":[{"count":0,"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/posts\/6\/revisions"}],"wp:attachment":[{"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/media?parent=6"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/categories?post=6"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qos.dev7.net\/wordpress\/wp-json\/wp\/v2\/tags?post=6"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}