[sslh] Request for comments: Connection logging configuration
Yves Rutschle
yves at rutschle.net
Fri Dec 11 10:57:19 UTC 2015
Hello everyone,

Over the years I've received a number of requests for some
way to limit the amount of logs sslh produces. Recently
someone suggested it would be a good idea to be able to log
ssh but not https (because https receives a lot of
connections, which are also logged by the Web server).

So I'm thinking of adding a log level per protocol in the
configuration file, something like:

protocols:
(
     { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; log_level: "2"},
     { name: "openvpn"; host: "localhost"; port: "1194"; },
     { name: "http"; host: "localhost"; port: "80"; log_level: "0" },
     { name: "ssl"; host: "localhost"; port: "443"; log_level: "0"},
     { name: "anyprot"; host: "localhost"; port: "443"; }
);

log_level "0" disables all logging for that protocol. It
defaults to "1", which corresponds to the current logging of
incoming connections:

    connection from example.com:46018 to example.net:https forwarded from server:40258 to 192.168.1.10:https

Higher log levels won't be used, but I'm thinking I may as
well put an integer instead of a boolean, to later add more
logs (probe that worked? disconnections? ... whatever).
Am I missing something obvious that would make this better?
Cheers,
Y.
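
The per-protocol semantics proposed in the message above, as an added example that is not part of the original post and not sslh's own code. The `struct proto` layout and both function names are hypothetical, and the fallback to level 1 for a malformed value is an assumption of this sketch, chosen so that a typo cannot silently disable logging.

```c
#include <stdio.h>
#include <string.h>
#define LOG_LEVEL_DEFAULT 1  /* the post: an absent log_level defaults to "1" */

/* Hypothetical model of one protocols entry; log_level stays a string as in
 * the proposed config and is NULL when the key is absent. */
struct proto { const char *name; const char *log_level; };

/* The five entries from the post's sample configuration. */
static const struct proto protocols[] = {
    { "ssh", "2" }, { "openvpn", NULL }, { "http", "0" },
    { "ssl", "0" }, { "anyprot", NULL },
};

/* Effective level. Assumption: a malformed or negative value falls back to
 * the default, so a typo cannot silently switch logging off. */
int effective_log_level(const struct proto *p)
{
    int v; char extra;
    if (p->log_level == NULL)
        return LOG_LEVEL_DEFAULT;
    if (sscanf(p->log_level, "%d%c", &v, &extra) != 1 || v < 0)
        return LOG_LEVEL_DEFAULT;
    return v;
}

/* Format the connection line into out (outlen must be > 0) when level >= 1.
 * Returns the line length, or 0 when the protocol's logging is disabled. */
int log_connection(const struct proto *p, const char *client, const char *listener,
                   const char *local, const char *target, char *out, size_t outlen)
{
    out[0] = '\0';
    if (effective_log_level(p) < 1)
        return 0;
    return snprintf(out, outlen, "connection from %s to %s forwarded from %s to %s",
                    client, listener, local, target);
}

int main(void)
{
    char line[256];
    for (size_t i = 0; i < sizeof protocols / sizeof protocols[0]; i++) {
        int n = log_connection(&protocols[i], "example.com:46018", "example.net:https",
                               "server:40258", "192.168.1.10:https", line, sizeof line);
        printf("%-8s level=%d %s\n", protocols[i].name,
               effective_log_level(&protocols[i]), n ? line : "(not logged)");
    }
    return 0;
}
```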