Re: Managing Multiple OpenBSD-IP Filter firewalls

[Brian Shaw <bshaw () vsvinc com>]

I'm not sure about OpenBSD but, I'm sure it's similar to Linux.

Under Linux you can set your firewall (iptables) to log through syslogd. 
Syslogd can then be configured to forward to another machine.

Another option is to open an ssh connection from your logging machine to 
each of your firewall machines and pipe the logs into a local log file 
or an analysis program.

Brian

Tim Heagarty wrote:

> Hey folks,
>
> I have a potential client that is looking for a way to manage multiple,
> up to 50 or so, firewalls built on OpenBSD 2.9 and  IP Filter. I can
> imagine a central aggregating console of some kind to consolidate
> logging results, status, whatever information can be gleaned from the
> boxes themselves plus IP Filter's output and statistics.
>
> Any pointers on this kind of system, has someone already done it?
>
> Thanks for the great ideas in advance,
>
> Tim Heagarty MCSE, MCP+I
> http://www.TheaSecure.com/
> "There are only 10 kinds of people in the world, those that understand
> binary, and those that don't."
> Work: (928) 636-0489
> Cell: (928) 533-9690
>
>
> -------------------------------------------------------------------
> SurfControl E-mail Filter puts the brakes on spam,
> viruses and malicious code. Safeguard your business
> critical communications. Download a free 30-day trial:
> http://www.surfcontrol.com/go/zsfsbl1
>  




-------------------------------------------------------------------
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.surfcontrol.com/go/zsfsbl1