[Sanewall-users] Egress firewalls and packet owners

Michael Mol mikemol at gmail.com
Thu Dec 26 19:41:54 CET 2013


I have egress firewalls set up on a number of hosts. These hosts are
supposed to be talking to a proxy server if they need to get out
anywhere, so I'm not allowing http outbound.

On one of these hosts, I get a number of pings for attempts to make
outbound HTTP requests. I have every proxy setting I know about
configured...but I'm obviously missing one somewhere.

Is there a way to get sanewall to emit owner (process and process
owner) information per policy? I.e. if I see that the PID and UID are
48, well, I know the requests were run as the httpd user, and can look
in that direction....


-- 
:wq


More information about the Sanewall-users mailing list