• Brad Cable's avatar
    Proper dealing with logging on services, including full usage of · 70dcf240
    Brad Cable authored
    IPTables log-prefix and log-level options.  Proper handling of the
    "comment" module of IPTables, allowing for really simple parsing and
    flexible comments to be added to IPTables rules.  Created
    iptables_helpers.py which takes some functions away from controller.py
    that need to be shared across its calling-children classes.  New
    configuration options "log_level" and "include_related"; "log_level"
    specifies the log-level that gets passed into every LOG target, and
    "include_related" decides whether or not to include the RELATED TCP
    state by default (default False, because I can currently only think of
    FTP that this helps out on so FTP can be defined individually or for
    those setups this option can be flipped on, and LDAP apparently is
    classified as RELATED even if it's an IP that is disallowed (??? I could
    be wrong but I'm pretty sure this is what I observed)).
parser.py 7.5 KB