Now we can login to the olive, control the login through a firewall filter and see hits on the filter. But that only gives us a packet and byte count. It doesn't tell us when the counts happened or where they were sourced from. For that we need logging.
An easy way to do this is to use the action "log" on the term..
user@olive-core> show configuration firewall
filter ACCESS-CNTRL {
term TELNET-BLOCK {
from {
destination-port telnet;
}
then {
count COUNTER-TELNET-BLOCK;
log;
discard;
}
}
term PERMIT-ALL {
from {
source-address {
0.0.0.0/0;
}
}
then {
count COUNTER-PERMIT-ALL;
accept;
}
}
}
To see the log..(And there must be hits against the term to see the kind of output below)
Showing posts with label Syslog. Show all posts
Showing posts with label Syslog. Show all posts
Subscribe to:
Posts (Atom)