Remote Syslog Non Standard Port


In today’s logging landscape, there are several options for consuming firewall logs. I’d like to be able to forward my logs to an Elastic stack on a non-standard port.

I found the syslog.conf file under /etc and tried to add the port number to the end of the line, but it’s not working. I was expecting to see all of my firewall logs redirected to my configured IP and port.

Is there a firewall rule I need to create to allow traffic out of this port?



Rather an old topic, nevertheless I will request basically the same:

IPFire’s remote logging feature obviously uses the default port 514. I’m running a syslog server in a docker container which does not expose the default port but e.g. 8514.

IPFire WebIF does not allow adding a port number to the server address.
So this is more a feature request: can this behaviour be changed to specify custom ports in WebIF? Should I file a ticket or will this request be dropped because it’s technically impossible?

Hi @hellfire

With the small size of the core development team, the various issues they are having to work on, and new issues like NAT Slipstreaming etc. that keep turning up, I suspect that the resource for something like what you are asking for will have to come from someone in the community being willing (and capable) of doing the coding work to make it happen.
I doubt that what you are asking for is technically impossible but I don’t know how complicated it would be.

I think your best bet is to raise it as an item on bugzilla as the current setup prevents you using the remote syslog.

Once it is in bugzilla, then there is a review process for the bugs and they do get worked on. Of course the bigger, more critical ones are dealt with first but at least your issue would be in the list.
Also, if it turns out not to be very technically complex to make happen, then the review process will flag it as suitable for a first bug activity and it could be picked up by community members who have a desire to start working on bug fixing for IPFire.
Your community credentials will allow you to log in and raise a bug.

OK, done 12590

