[lxc-users] lxc-security: iptables audit with nflog not working with default settings (insecure)

Fiedler Roman Roman.Fiedler at ait.ac.at
Wed Mar 11 10:48:08 UTC 2015


Hello list,

Has someone managed to get reliable network traffic auditing with LXC up and
running? That means that it is possible to write a protocol of, e.g., every
new connection from and to the host.

On my setup (Ubuntu Trusty), both host and guest may have different iptables
rulesets. But the guest NFLOG messages are lost completely, and those from the host
are sometimes sent to the ulogd in the guest (time race), so the host log is
not trustworthy either.

What could be the best solution to get trustworthy logs with LXC?

Kind regards,
Roman

DI Roman Fiedler
Scientist
Digital Safety & Security Department
Assistive Healthcare Information Technology

AIT Austrian Institute of Technology GmbH
Reininghausstraße 13/1 | 8020 Graz | Austria
T +43(0) 50550 2957 | M +43(0) 664 8561599 | F +43(0) 50550 2950
roman.fiedler at ait.ac.at | http://www.ait.ac.at/

FN: 115980 i HG Wien  |  UID: ATU14703506
http://www.ait.ac.at/Email-Disclaimer
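The post describes two failure modes for NFLOG auditing under LXC: events that never arrive, and events that arrive at the wrong ulogd instance. The following is an added example (not code from the poster, LXC, or ulogd) of the integrity checks a defender can run over the audit log on either side to detect both. It assumes that host and guest rules use distinct NFLOG prefixes (here the constructed values HOST-NEW and CT-NEW), that the log is in the ulogd LOGEMU key=value style, and that an independent list of connections observed at the same vantage point (for instance a conntrack snapshot) is available for cross-checking; the sample lines and flows are constructed.

```python
"""Integrity checks over NFLOG/ulogd audit lines (added example, hypothetical setup)."""
from collections import Counter

# Constructed sample log lines in the ulogd LOGEMU style; not taken from the post.
# Line 3 carries the guest prefix and line 4 has no prefix at all, so from the host's
# vantage point both are "foreign" and point at the misrouting the post describes.
SAMPLE_LINES = [
    "Mar 11 10:48:01 host01 HOST-NEW IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=51234 DPT=22",
    "Mar 11 10:48:02 host01 HOST-NEW IN=lxcbr0 OUT=eth0 SRC=10.0.3.5 DST=198.51.100.7 PROTO=TCP SPT=40000 DPT=443",
    "Mar 11 10:48:03 host01 CT-NEW IN=eth0 OUT= SRC=198.51.100.9 DST=10.0.3.5 PROTO=TCP SPT=33000 DPT=80",
    "Mar 11 10:48:04 host01 IN=eth0 OUT= SRC=192.0.2.11 DST=198.51.100.5 PROTO=UDP SPT=5353 DPT=53",
]

# Constructed list of new connections seen independently on the host (e.g. a conntrack
# snapshot taken over the same window). The last one has no matching NFLOG event.
EXPECTED_FLOWS = [
    ("192.0.2.10", "198.51.100.5", "TCP", "22"),
    ("10.0.3.5", "198.51.100.7", "TCP", "443"),
    ("203.0.113.4", "198.51.100.5", "TCP", "22"),
]


def parse_nflog_line(line):
    """Split a LOGEMU-style line into timestamp, hostname, prefix and key=value fields.

    Flag tokens without '=' (DF, SYN, ...) are stored as True; empty values (OUT=) as ''.
    """
    head, sep, fields = line.partition(" IN=")
    if not sep:
        raise ValueError("not an NFLOG/LOGEMU line: %r" % line)
    parts = head.split()
    if len(parts) < 4:
        raise ValueError("missing timestamp or hostname: %r" % line)
    event = {
        "ts": " ".join(parts[:3]),
        "host": parts[3],
        "prefix": " ".join(parts[4:]),  # '' when the rule had no --nflog-prefix
    }
    for token in ("IN=" + fields).split():
        key, eq, value = token.partition("=")
        event[key] = value if eq else True
    return event


def classify_event(event, expected_prefixes, expected_ifaces):
    """Tag one event as ok, foreign_prefix (logged by someone else's rule) or foreign_iface."""
    if event["prefix"] not in expected_prefixes:
        return "foreign_prefix"
    ifaces = {event.get("IN"), event.get("OUT")} - {"", None}
    if not ifaces <= expected_ifaces:
        return "foreign_iface"
    return "ok"


def audit_lines(lines, expected_prefixes, expected_ifaces):
    """Count classifications for a whole log; anything but 'ok' means the log is not
    a clean record of this vantage point and should be investigated."""
    counts = Counter()
    for line in lines:
        counts[classify_event(parse_nflog_line(line), expected_prefixes, expected_ifaces)] += 1
    return counts


def flow_key(event):
    """Reduce an event to the (SRC, DST, PROTO, DPT) tuple used for cross-checking."""
    return (event.get("SRC"), event.get("DST"), event.get("PROTO"), event.get("DPT"))


def missing_flows(expected_flows, lines):
    """Return the independently observed connections that never produced an NFLOG
    event, which is the 'messages are lost completely' case."""
    seen = {flow_key(parse_nflog_line(line)) for line in lines}
    return [flow for flow in expected_flows if flow not in seen]


if __name__ == "__main__":
    print("host view :", dict(audit_lines(SAMPLE_LINES, {"HOST-NEW"}, {"eth0", "lxcbr0"})))
    print("guest view:", dict(audit_lines(SAMPLE_LINES, {"CT-NEW"}, {"eth0"})))
    print("unlogged  :", missing_flows(EXPECTED_FLOWS, SAMPLE_LINES))
```

Run on the constructed data, the host view reports two foreign events (the guest-prefixed line and the unprefixed one), the guest view reports three, and one expected connection has no audit record. Running the same two checks on a real host and guest side by side shows in which direction events are leaking and how many are being dropped, which is what you need to know before trusting either log.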
