| HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
| Logging http://havp.hege.li/forum/viewtopic.php?f=4&t=94 |
Page 1 of 1 |
| Author: | housey [ 19 May 2006 12:42 ] |
| Post subject: | Logging |
Hi Been using HAVP and am well impressed with it. What im trying to do is log any virus to a MySQL database. What ive done is changed virus.html in the templates directory to <html> <head> <meta http-equiv="refresh" content="0;URL=http://server/cgi-bin/virus.cgi?virus<!--message-->"> </head> This redirects when a virus is found and my virus.cgi script logs the info to the MySql db, what I dont have is the original source IP as I run with Squid in front. Can you add a variable e.g. <!--sourceip--> so I can use in the redirection? Or does anyone have a better way of doing this? Thanks Paul |
|
| Author: | Christian [ 19 May 2006 14:34 ] |
| Post subject: | |
I would use the access.log. Everything you need is in this log. If you found a virus in this log you can put it in your db. Using the redirect is not very reliable. The browser will not get the error page in some cases. If you hava a virus in a binary and the header is already send to the browser the error page will not work. |
|
| Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|