Now I have replaced my old firewall with OpenWRT, I needed to enhance the configuration of
dnsmasq to support the network. The old Ubunutu based firewall was already running
dnsmasq, as does the DNS server on the LAN.
I run a mixed network with wired and wireless clients on separate address ranges. DHCP services are provided by the OpenWRT router. An Ubuntu server is the primary DNS server for the wired network. Continue reading
When I went to process my remote firewall log output from OpenWRT, I noticed that the entries were truncated. A quick check with
tcpdump indicated that the
syslog packets were truncated to 256 characters. As
klogd are both provided by
BusyBox, I decided to replace them both. The obvious solution was to replace them with
opkg indicated that it was available, so installation was simple.
Unfortunately, configuration is not yet automated. A default configuration file is provided in
/etc/syslog-ng. This simply logs to
/var/log/messages. It also assumes that
klogd is active. After some research and experimentation, I came up with a configuration. It can provide a local log in
/var/log/messages. More importantly it provides complete firewall log entries to the remote server. Continue reading