差分
このページの2つのバージョン間の差分を表示します。
両方とも前のリビジョン 前のリビジョン 次のリビジョン | 前のリビジョン | ||
hardware:gl-ar750s-ext:managing_firewall [2020/02/26 03:24] – [参考文献] ともやん | hardware:gl-ar750s-ext:managing_firewall [2020/03/13 08:19] (現在) – ともやん | ||
---|---|---|---|
行 1: | 行 1: | ||
+ | < | ||
+ | < | ||
+ | #result pre { | ||
+ | height: 300px; | ||
+ | overflow: scroll; | ||
+ | overflow-x: hidden; | ||
+ | font-size: 10px; | ||
+ | } | ||
+ | </ | ||
+ | </ | ||
====== ファイアウォール管理 ====== | ====== ファイアウォール管理 ====== | ||
+ | |||
+ | ===== ホームネットワークトラフィック監視 ===== | ||
+ | |||
+ | ==== インストール ==== | ||
+ | <WRAP prewrap 100%> | ||
+ | < | ||
+ | # opkg update && opkg install ulogd ulogd-mod-nfacct ulogd-mod-nfct ulogd-mod-nflog ulogd-mod-xml ulogd-mod-syslog ulogd-mod-extra syslog-ng | ||
+ | </ | ||
+ | </ | ||
+ | <WRAP prewrap 100% #result> | ||
+ | < | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Downloading https:// | ||
+ | Updated list of available packages in / | ||
+ | Installing ulogd (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing ulogd-mod-nfacct (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing ulogd-mod-nfct (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing ulogd-mod-nflog (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing ulogd-mod-xml (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing ulogd-mod-syslog (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing ulogd-mod-extra (2.0.5-2) to root... | ||
+ | Downloading https:// | ||
+ | Installing syslog-ng (3.9.1-3) to root... | ||
+ | Downloading https:// | ||
+ | Configuring syslog-ng. | ||
+ | Configuring ulogd. | ||
+ | Configuring ulogd-mod-extra. | ||
+ | Configuring ulogd-mod-nfct. | ||
+ | Configuring ulogd-mod-syslog. | ||
+ | Configuring ulogd-mod-xml. | ||
+ | Configuring ulogd-mod-nfacct. | ||
+ | Configuring ulogd-mod-nflog. | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | ==== syslog-ng の動作確認 ==== | ||
+ | < | ||
+ | # cat / | ||
+ | Feb 26 05:48:04 TomoyanWRT-GL syslog-ng[7403]: | ||
+ | </ | ||
+ | |||
+ | ==== ulog の設定 ==== | ||
+ | < | ||
+ | # vi / | ||
+ | </ | ||
+ | <WRAP prewrap 100%> | ||
+ | <code autoconf / | ||
+ | # this is a stack for flow-based logging via LOGEMU | ||
+ | # | ||
+ | stack=ct1: | ||
+ | |||
+ | [ct1] | ||
+ | hash_enable=0 | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # If pollinterval is not set, NFCT plugin will work in event mode | ||
+ | # In this case, you can use the following filters on events: | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | ulogd を手動で実行して動作確認を行う。\\ | ||
+ | < | ||
+ | # ulogd -v | ||
+ | Wed Feb 26 05:21:35 2020 <7> ulogd.c:622 load_plugin: | ||
+ | Wed Feb 26 05:21:35 2020 <5> ulogd.c:843 building new pluginstance stack: ' | ||
+ | Wed Feb 26 05:21:35 2020 <5> ulogd_inpflow_NFCT.c: | ||
+ | </ | ||
+ | **uint32_to_ipv6: | ||
+ | |||
+ | ==== ulogd の有効化と起動 ==== | ||
+ | < | ||
+ | # service ulogd enable | ||
+ | # service ulogd start | ||
+ | </ | ||
+ | |||
+ | ==== 接続追跡フローアカウンティングを有効に設定 ==== | ||
+ | < | ||
+ | # echo ' | ||
+ | # echo ' | ||
+ | </ | ||
===== 参考文献 ===== | ===== 参考文献 ===== |