[syslog-ng] patterndb and intrusion prevention

[Valentijn Sessink]

Hi Matt,

Op 27-08-13 16:30, Matt Zagrabelny schreef:
> Error opening file for writing;
> filename='/proc/net/xt_recent/syslogblock', error='No such file or
> directory (2)'

Could it be that you run syslog_ng before your iptables has started? 
Because /proc/net/xt_recent/...anything... only exists after you have 
created an iptables "recent" rule with the name of ...anything...

So you could try:
- run your iptables ruleset
- check if the /proc/net/xt_recent/syslogblock exists
- then run (or restart) syslog-ng

These efforts are all just to be able to run into the next problem ;-) - 
which is the one I referenced in my previous e-mail. You may want to 
save some of your precious free time to do free things - I hope to be 
back with a solution soon.

Best regards,

Valentijn