[Oisf-users] Empty http.log file
kay
kay.diam at gmail.com
Mon Jul 9 07:39:46 EDT 2012
For some reason the http.log file is empty. I used apache2.2 and nginx.
Here is the libhtp config:
libhtp:
  default-config:
    personality: IDS
    request_body_limit: 0
    response_body_limit: 0
  server-config:
    - apache:
        address: [172.16.98.0/24, 127.0.0.0/8, "::1"]
        personality: Apache_2_2
        request_body_limit: 0
        request_body_limit: 0
    - iis7:
        address:
          - 192.168.0.0/24
          - 192.168.10.0/24
        personality: IIS_7_0
        request_body_limit: 4096
        response-body-limit: 4096
Here is the stream config:
stream:
  memcap: 32mb
  checksum_validation: yes # reject wrong csums
  inline: yes # no inline mode
  reassembly:
    memcap: 64mb
    depth: 1mb # reassemble 1mb into a stream
    toserver_chunk_size: 2560
    toclient_chunk_size: 2560
Here are iptables rules:
-A INPUT -p tcp -m mark ! --mark 0x1/0x1 -m tcp --dport 80 -j NFQUEUE --queue-num 0
-A INPUT -p tcp -m mark --mark 0x1/0x1 -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m mark ! --mark 0x1/0x1 -m tcp --sport 80 -j NFQUEUE --queue-num 0
-A OUTPUT -p tcp -m mark --mark 0x1/0x1 -m tcp --sport 80 -j ACCEPT