[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nufw-users] Questions about NuFW's logging
From: |
Johann Spies |
Subject: |
[Nufw-users] Questions about NuFW's logging |
Date: |
Wed, 18 Jun 2008 15:23:18 +0200 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
Our present firewall generates about 450 log entries per second after
we changed the configuration to avoid accessive logging. Our
bandwidth will most probably more than double in the next year.
I doubt whether postgresql would be able to handle an input stream
like that and keep up to date.
We need to be able to stop a user's connection in real time. At
present we use programs to monitor the stateful tables in memory. The
problem we have is that that tables do not have information about
users - it is ip-based.
NuFw supply the information we need. Our concern is how to handle
that information with the huge amount of data that will be generated.
That brings me to the a question or two about NuFW's logging:
1. What triggers a log entry?
2. When? When the connection starts, when it is terminated?
3. If the log entry is generated after the termination of the
connection, how would we access the information regarding the
connection before it ends?
4. Have NuFw been tested with traffic similar to our situation?
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"Jesus said unto her, I am the resurrection, and the
life; he that believeth in me, though he were dead,
yet shall he live." John 11:25
- [Nufw-users] Questions about NuFW's logging,
Johann Spies <=