[syslog-ng][PATCH] netmask-filter
Andreas Schulze
Andreas.Schulze@mediaWays.NET
Sun, 27 Jan 2002 10:49:56 +0100
Gert Menke wrote:
>
> I have implemented a new filter for syslog-ng.
> You can now filter log messages based on their sender's IP address like this:
>
> # match a single host
> filter f_noc21 { netmask("134.130.3.73"); };
>
> # match a whole subnet
> filter f_noc { netmask("134.130.3.0/255.255.255.0"); };
>
> I'll attach patches for syslog-ng versions 1.4.14 and 1.5.13.
>
> Have fun and tell me what you think about it!
Hi Gert,
great idea. We are logging some Class-B's to syslog-ng.
So handling source IP's is an absolute GREAT feature.
But, if you can make it possible, to log source IP's via
a template() variable (say SOURCE_IP or so) used by the file()
destination, too ...
... that's the feature we want for!
--
Best regards --Andreas Schulze
[phone: +49.5246.80.1275, fax: +49.5246.80.2275]
| I believe, it was Dennis Ritchie who said something like:
| "C is rarely the best language for a given task,
| but it's often the second-best".
| The implication being that: "[...]"
|
| sh# cat>$$.c<<EOT
| main(l,a,n,d)char**a;{for(d=atoi(a[1])/10*80-atoi(a[2])/5-596;n="@NK\
| ACLCCGZAAQBEAADAFaISADJABBA^SNLGAQABDAXIMBAACTBATAHDBANZcEMMCCCCAAhE\
| IJFAEAAABAfHJETBdFLDAANEfDNBPHdBcBBBEA_AL H E L L O, W O R L D! "
| [l++-3];)for(;n-->64;)putchar(!d+++33^l&1);}
| EOT
| gcc -o$$ $$.c;clear;./$$ 52 8;rm -f $$*