-iplogインストール-

   
 iplog-2.2.3.tar.gz

 Linuxサーバ構築メモ ( iplog導入 ) のFreeBSD版インストール手順です(^^ゞ

 ● libpcap-0.7.2 インストール済み。
 ● nogroupというグループ、iplogというユーザを作成。


http://ojnk.sourceforge.net/ のミラーサイトから iplog-2.2.3.tar.gz を /usr/src に落とす。以降は root で展開・ビルド・インストールするので、配布元がチェックサムや署名を公開している場合は、展開前に照合しておく。

[root@sub2 src]# tar -zxvf iplog-2.2.3.tar.gz
[root@sub2 src]# cd iplog-2.2.3
[root@sub2 iplog-2.2.3]# ./configure
[root@sub2 iplog-2.2.3]# gmake
gmake all-recursive
gmake[1]: Entering directory `/usr/src/iplog-2.2.3'
Making all in src
gmake[2]: Entering directory `/usr/src/iplog-2.2.3/src'
Making all in gnu
gmake[3]: Entering directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[3]: Nothing to be done for `all'.
gmake[3]: Leaving directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[3]: Entering directory `/usr/src/iplog-2.2.3/src'
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c getopt.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c getopt1.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_config.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_dns.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_icmp.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_ident.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_input.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_lockfile.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_options.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_pcap.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_scan.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_syslog.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_tcp.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_udp.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog_util.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c iplog.c
gcc -DHAVE_CONFIG_H -I. -I. -I.. -g -O2 -D_REENTRANT -pthread -c snprintf.c
gcc -g -O2 -D_REENTRANT -pthread -o iplog getopt.o getopt1.o iplog_config.o iplog_dns.o iplog_icmp.o iplog_ident.o iplog_input.o iplog_lockfile.o iplog_options.o iplog_pcap.o iplog_scan.o iplog_syslog.o iplog_tcp.o iplog_udp.o iplog_util.o iplog.o snprintf.o -lpcap
gmake[3]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[2]: Entering directory `/usr/src/iplog-2.2.3'
gmake[2]: Nothing to be done for `all-am'.
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3'
gmake[1]: Leaving directory `/usr/src/iplog-2.2.3'

[root@sub2 iplog-2.2.3]# gmake check
Making check in src
gmake[1]: Entering directory `/usr/src/iplog-2.2.3/src'
Making check in gnu
gmake[2]: Entering directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[2]: Nothing to be done for `check'.
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[2]: Entering directory `/usr/src/iplog-2.2.3/src'
gmake[2]: Nothing to be done for `check-am'.
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[1]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[1]: Entering directory `/usr/src/iplog-2.2.3'
gmake[1]: Nothing to be done for `check-am'.
gmake[1]: Leaving directory `/usr/src/iplog-2.2.3'
[root@sub2 iplog-2.2.3]# gmake install
Making install in src
gmake[1]: Entering directory `/usr/src/iplog-2.2.3/src'
Making install in gnu
gmake[2]: Entering directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[3]: Entering directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[3]: Nothing to be done for `install-exec-am'.
gmake[3]: Nothing to be done for `install-data-am'.
gmake[3]: Leaving directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3/src/gnu'
gmake[2]: Entering directory `/usr/src/iplog-2.2.3/src'
gmake[3]: Entering directory `/usr/src/iplog-2.2.3/src'
/bin/sh ../mkinstalldirs /usr/local/sbin
/usr/bin/install -c iplog /usr/local/sbin/iplog
gmake[3]: Nothing to be done for `install-data-am'.
gmake[3]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[1]: Leaving directory `/usr/src/iplog-2.2.3/src'
gmake[1]: Entering directory `/usr/src/iplog-2.2.3'
gmake[2]: Entering directory `/usr/src/iplog-2.2.3'
gmake[2]: Nothing to be done for `install-exec-am'.
gmake install-man5 install-man8
gmake[3]: Entering directory `/usr/src/iplog-2.2.3'
/bin/sh ./mkinstalldirs /usr/local/man/man5
/usr/bin/install -c -m 644 ./iplog.conf.5 /usr/local/man/man5/iplog.conf.5
/bin/sh ./mkinstalldirs /usr/local/man/man8
/usr/bin/install -c -m 644 ./iplog.8 /usr/local/man/man8/iplog.8
gmake[3]: Leaving directory `/usr/src/iplog-2.2.3'
gmake[2]: Leaving directory `/usr/src/iplog-2.2.3'
gmake[1]: Leaving directory `/usr/src/iplog-2.2.3'


iplogの起動
# /usr/local/sbin/iplog


 起動確認 ↓
[root@sub2 ]# ps awx | grep iplog
89314 ?? Ss 2:48.91 /usr/local/sbin/iplog


 デフォルトでのログ出力 ↓
[root@sub2 log]# cat messages | tail
Dec 27 21:35:39 sub2 iplog[89314]: TCP: http connection attempt from ***.**.***.or.jp:63016
Dec 27 21:35:39 sub2 iplog[89314]: UDP: dgram to port 2720 from sub.yumidon.com:53 (181 data bytes)
Dec 27 21:35:39 sub2 iplog[89314]: UDP: dgram to port 2721 from sub.yumidon.com:53 (105 data bytes)
Dec 27 21:35:39 sub2 iplog[89314]: UDP: dgram to port 2722 from sub.yumidon.com:53 (105 data bytes)
Dec 27 21:35:39 sub2 iplog[89314]: UDP: dgram to port 2723 from sub.yumidon.com:53 (95 data bytes)
Dec 27 21:35:40 sub2 iplog[89314]: TCP: http connection attempt from ***.**.***.ad.jp:1454