[syslog-ng]List of Valid Source Addresess
Richard E. Perlotto II
syslog-ng@lists.balabit.hu
Mon, 21 Jul 2003 14:47:39 -0700
Use TCP Wrappers.
Richard
-----Original Message-----
From: syslog-ng-admin@lists.balabit.hu =
[mailto:syslog-ng-admin@lists.balabit.hu] On Behalf Of =
Daniel.N.Sferas@us.hsbc.Com
Sent: Monday, July 21, 2003 8:59 AM
To: syslog-ng@lists.balabit.hu
Subject: Re: [syslog-ng]List of Valid Source Addresess
Bazsi,
I am interested in filtering based on the sender's IP address. My
preferred method would be to read a file containing the list of =
valid
source IP addresses,
automagically generated by our management system. The file could =
contain
up to 6,000 entries.
Dan
syslog-ng-request@lists.balabit.hu@lists.balabit.hu on 18 Jul 2003 08:31
Please respond to syslog-ng@lists.balabit.hu
Sent by: syslog-ng-admin@lists.balabit.hu
To: syslog-ng@lists.balabit.hu
Message: 1
To: syslog-ng@lists.balabit.hu
From: Daniel.N.Sferas@us.hsbc.Com
Date: Thu, 10 Jul 2003 06:13:55 -0400
Subject: [syslog-ng]List of Valid Source Addresess
Reply-To: syslog-ng@lists.balabit.hu
Greetings,
I would like to be able to validate that incoming syslog messages from =
the network are from "Well known" sources. Is there a way
for syslog-ng to parse the source address against a flat file of IP =
addresses or patterns? I hesitate to use a match string in the
syslog-ng.conf file as the filter would be very large.
I am using 1.6.0rc3.
Thanks in advance for any tips.
Dan Sferas
************************************************************************
This E-mail is confidential. It may also be legally privileged. If you =
are not the addressee you may not copy, forward, disclose
or use any part of it. If you have received this message in error, =
please delete it and all copies from your system and notify the
sender immediately by return E-mail.
Internet communications cannot be guaranteed to be timely, secure, =
error or virus-free. The sender does not accept liability for
any errors or omissions.
************************************************************************
--__--__--
Message: 2
Date: Thu, 10 Jul 2003 13:01:07 +0200
From: Balazs Scheidler <bazsi@balabit.hu>
To: syslog-ng@lists.balabit.hu
Subject: Re: [syslog-ng]List of Valid Source Addresess
Reply-To: syslog-ng@lists.balabit.hu
On Thu, Jul 10, 2003 at 06:13:55AM -0400, Daniel.N.Sferas@us.hsbc.Com
wrote:
> Greetings,
>
> I would like to be able to validate that incoming syslog messages=20
> from
the
> network are from "Well known" sources. Is there a way for syslog-ng=20
> to parse the source address against a flat file of IP addresses or=20
> patterns? I hesitate to use a match string in the syslog-ng.conf file=20
> as the filter would be very large.
do you want to filter based on sender IP address, or the hostname part?
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C =
8EB1
************************************************************************
This E-mail is confidential. It may also be legally privileged. If you =
are not the addressee you may not copy, forward, disclose
or use any part of it. If you have received this message in error, =
please delete it and all copies from your system and notify the
sender immediately by return E-mail.
Internet communications cannot be guaranteed to be timely, secure, =
error or virus-free. The sender does not accept liability for
any errors or omissions.
************************************************************************
_______________________________________________
syslog-ng maillist - syslog-ng@lists.balabit.hu =
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html