From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QCd6N-0001bD-N1 for garchives@archives.gentoo.org; Wed, 20 Apr 2011 19:30:16 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D756A1C04A; Wed, 20 Apr 2011 19:28:38 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 8EB621C04A for ; Wed, 20 Apr 2011 19:28:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id DAC8B1B4054 for ; Wed, 20 Apr 2011 19:28:37 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Score: -3.292 X-Spam-Level: X-Spam-Status: No, score=-3.292 required=5.5 tests=[AWL=-0.693, BAYES_00=-2.599] Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iPwBim+JjvqW for ; Wed, 20 Apr 2011 19:28:31 +0000 (UTC) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by smtp.gentoo.org (Postfix) with ESMTP id 3A74A1B403A for ; Wed, 20 Apr 2011 19:28:30 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1QCd4a-0003LK-CZ for gentoo-user@gentoo.org; Wed, 20 Apr 2011 21:28:24 +0200 Received: from c-98-215-231-30.hsd1.in.comcast.net ([98.215.231.30]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 20 Apr 2011 21:28:24 +0200 Received: from reader by c-98-215-231-30.hsd1.in.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 20 Apr 2011 21:28:24 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: Harry Putnam Subject: [gentoo-user] Re: [OT router advice] a router capable of detailed logs Date: Wed, 20 Apr 2011 14:28:10 -0500 Organization: Still searching... Message-ID: <87fwpcd8ol.fsf@newsguy.com> References: <878vv69asl.fsf@newsguy.com> <8739lceqmm.fsf@newsguy.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: c-98-215-231-30.hsd1.in.comcast.net User-Agent: Gnus/5.110016 (No Gnus v0.16) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:J+9pWSsKrfBp5uvnhzwjCAfZc0g= X-Archives-Salt: X-Archives-Hash: f092e1df4b63f75ba66177d146e0aefb Paul Hartman writes: > Apr 20 14:41:08 ddwrt kern.warn kernel: [2814955.710000] DROP IN=eth1 > OUT= MAC=ff:ff:ff:ff:ff:ff:00:1b:54:c9:4b:d9:08:00 SRC=10.166.128.1 > DST=255.255.255.255 LEN=325 TOS=0x00 PREC=0x00 TTL=255 ID=34279 > PROTO=UDP SPT=67 DPT=68 LEN=305 > Apr 20 14:41:08 ddwrt kern.warn kernel: [2814956.130000] DROP IN=eth1 > OUT= MAC=ff:ff:ff:ff:ff:ff:00:1b:54:c9:4b:d9:08:00 SRC=10.166.128.1 > DST=255.255.255.255 LEN=325 TOS=0x00 PREC=0x00 TTL=255 ID=34287 > PROTO=UDP SPT=67 DPT=68 LEN=305 > Apr 20 14:41:10 ddwrt kern.warn kernel: [2814957.770000] DROP IN=eth1 > OUT= MAC=ff:ff:ff:ff:ff:ff:00:1b:54:c9:4b:d9:08:00 SRC=172.16.129.29 > DST=255.255.255.255 LEN=365 TOS=0x00 PREC=0x00 TTL=255 ID=34300 > PROTO=UDP SPT=67 DPT=68 LEN=345 > > So it looks like ordinary linux firewall logging... I'm sure you can > customize it if you want to, just as you would on a normal machine. > > Hope that helps :) Yes, thanks for taking the trouble... When I asked that, I hadn't realized that both dd-wrt and openWRT were actually tiny linux OS. I've reading more about them since. It sounds from your report that dd-wrt has some kind of basic firewall script in place by default. Whereas openWRT sounds like you may need to role your own iptables script right off the bat. at least judging from a few posts I've now read from their mailing list where people seem to be asking the kinds of iptables questions you might find on that list..