Script sample: IP logging


Note:  This script was intended to run on legacy 481 firmware, and will not work with the latest firmware.

This script shows how to configure the IP address of a remote syslog server so that the device sends all of its logs to that server, and how iptables can be used to generate additional log entries for each connection attempt.



# Point the system logger at a remote syslog server.
# NOTE(review): the address after "log_ip=" is missing from this listing;
# supply the collector's IP before running, because as written the option
# receives no address.
# The forwarded entries include the client addresses logged by the iptables
# rules this script installs. They are presumably sent as plain syslog, so
# keep the collector on a trusted network segment and restrict who can read
# its logs (confirm the transport on your firmware).
uci set system.@system[0].log_ip=
# Persist the staged uci changes; no config name is given, so every pending
# change is committed, not only the log_ip setting.
uci commit

# Generate the iptables logging script on the fly.
# NOTE(review): this listing is damaged. The target file name after "/etc/",
# the file sourced by ". /etc/", both "uci get" arguments for pub_ip and
# pub_mask, the closing "}" of install_rule and the terminating "EOF" line are
# all missing. Restore them from the original article before use; as shown,
# the heredoc never closes.
# The heredoc delimiter is unquoted, so each "\$" keeps the expansion literal
# in the generated file instead of expanding it while this script runs.
# Generated script: install_rule returns early when the section has no
# plug_event option, otherwise it inserts two LOG rules at the top of the nat
# POSTROUTING chain for traffic leaving br-<section> from the public and the
# private subnet, each tagged with the prefix "iplog: ". config_foreach
# presumably calls it once per "interface" section of the network config
# (the helper library it comes from is not visible here).
# NOTE(review): in the generated rules \$1 and the address variables are
# unquoted, and the LOG rules carry no rate limit (iptables' limit match
# could add one), so log volume follows traffic volume. Size the syslog
# server and its retention accordingly.
cat > /etc/ << EOF

. /etc/

install_rule() {
        config_get plug_event "\$1" plug_event

        [ -z "\$plug_event" ] && return

        pub_ip=\$(uci get
        pub_mask=\$(uci get

        priv_ip=\$(uci get dhcp.priv.ipaddr)
        priv_mask=\$(uci get dhcp.priv.netmask)

        iptables -I POSTROUTING -t nat -o br-\$1 -s \$pub_ip/\$pub_mask -j LOG --log-level debug --log-prefix "iplog: " 
        iptables -I POSTROUTING -t nat -o br-\$1 -s \$priv_ip/\$priv_mask -j LOG --log-level debug --log-prefix "iplog: " 

config_load network
config_foreach install_rule interface

# Make the generated script executable so it can be invoked directly at boot.
# NOTE(review): the file name after "/etc/" is missing from this listing; as
# written the command would change the mode of the /etc/ directory itself.
# Use the path of the generated script here.
chmod +x /etc/

# Run the generated script at boot by inserting its path on a new line before
# "exit 0" in /etc/rc.local.
# NOTE(review): the script name after "/etc/" is missing from this listing.
# The substitution is not idempotent: each run of this setup script adds
# another line, and the unanchored pattern with the "g" flag rewrites every
# "exit 0" occurrence in the file. Inspect rc.local after running.
sed -i 's@exit 0@/etc/\nexit 0@g' /etc/rc.local

