Re: [syslog-ng] patterndb and intrusion prevention
Hi Florian, Thank you for your explanation. You are using the "program" destination, which works fine. The problem I am experiencing only shows up when using "file" output, as there seems to be a problem with lseek in combination with the proc filesystem. Best regards, Valentijn -- Mobile - hence terse.
Am 28.08.2013 21:44, schrieb Valentijn Sessink:
Hi Florian,
Thank you for your explanation. You are using the "program" destination, which works fine. The problem I am experiencing only shows up when using "file" output, as there seems to be a problem with lseek in combination with the proc filesystem.
It seems that i picked up the wrong email so my post is not on the list. This might be the relevant part: BTW currently i´m using a simple shell-script to put the up in the jail so i can do something more with the ip (whitelist etc.) - but for me it works also as a simple file-destination. I´ve change the destination from program to file and it works without any problems. But i prefer to use a shell-script for handle ip-adresses with xt_recent to have someting like "store in a database" and "whitelists". regards Florian
participants (2)
-
Florian Schaal
-
Valentijn Sessink