[Sanewall-users] Egress firewalls and packet owners
mikemol at gmail.com
Thu Dec 26 19:41:54 CET 2013
I have egress firewalls set up on a number of hosts. These hosts are
supposed to be talking to a proxy server if they need to get out
anywhere, so I'm not allowing http outbound.
On one of these hosts, I get a number of pings for attempts to make
outbound HTTP requests. I have every proxy setting I know about
configured...but I'm obviously missing one somewhere.
Is there a way to get sanewall to emit owner (process and process
owner) information per policy? I.e. if I see that the PID and UID are
48, well, I know the requests were run as the httpd user, and can look
in that direction....
More information about the Sanewall-users