1. Home
  2. Networking Firewalls
  3. SMTP Server Inside LAN to Receive Router Firewall Logs

SMTP Server Inside LAN to Receive Router Firewall Logs

Please let me know if this is not the appropriate group for this question. If you know of better alternatives I'll be glad to abandon this post and post it elsewhere.

I would like to capture the log files my DLink DI-604 router generates. It provides NAT and SPI. It does not support authenticated SMTP. My ISP rejects the reports it attempts to email to me as UCE. DLink Support suggested that I install an SMTP server on my machine, inside the LAN and mail my logs to that. I've also heard that with an 'internal' SMTP server I might be able to direct the logs into an ongoing file. The Log Setup page of the router allows me to specify (1) an SMTP Server/IP Address and (2)an Email Address. It is an inexpensive but functional device.

I do not want to do anything that would weaken the firewall provided by the router. It seems to be blocking a regular flood of dropped UDP packets which appear to be probing for open ports.

I'm not really interested in using the SMTP server to handle my normal email traffic.

I've searched for SMTP server software, in particular freeware, and found several examples. The terminology posted by the authors does not let me understand which program might be most appropriate for my use.

Here are some particulars that might be important.

My OS is Windows 98SE (98 4.10.2222 A ) a Dell OEM package.

I use Mozilla 1.7.8 (Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.8) Gecko/20050511) as my browser.

I have only 2 machines on my LAN.

If it is not obvious from my message, I am moderately competent with computers, not an expert but also not a total novice. In replying, please try to avoid highly technical jargon and or acronyms.

If you have solved this problem successfully I am particularly interested in hearing from you.

Thanks,

Baumgrenze

Reply to
baumgrenze
Loading thread data ...

Hello Jason and Duane,

Thanks for your quick input!

I downloaded and installed the wallwatcher.com software. Maybe it works with the European (ver D) of the DI-604, but it does not work with my Ver E. To work with WallWatcher the router needs to support SysLogging.

Perhaps someone else has another solution, or I failed to find out how to set my DI-604 for SysLogging. Has anyone done this with the DI-604 Ver E?

Thanks,

Baumgrenze

Reply to
baumgrenze

Thanks Duane,

I tried that earlier this month. Here's the response I got:

Hi John, There seem to be several variations of the D-Link DI-604, and not all of them support SysLogging. My daughter has one of the non-SysLog models, and seems to be perfectly happy with it (for $15 and a good firewall, how could she be unhappy?).

There are downloadable firmware updates available for some revisions of the DI-604, but as you probably know, you have to be careful not to try to use something meant for a different model. Perhaps you could ask D-Link whether your revision can support SysLogging.

Regards, Dan Tseng

Reply to
baumgrenze

Would there be a reason to expect Kiwi Syslog Daemon to work, given what Dan Tseng said in his reply to me?

Baumgrenze

Reply to
baumgrenze

Would there be a reason to expect Kiwi Syslog Daemon to work, given what Dan Tseng said in his reply to me?

Kiwi Syslog Daemon is a freeware Syslog Daemon for Windows. It receives, filters, logs, displays and forwards Syslog messages and SNMP traps from hosts such as routers, switches, Unix hosts and any other syslog enabled device.

The device needs to by syslog enabled.

Baumgrenze

Reply to
baumgrenze

formatting link
Duane :)

Reply to
Duane Arnold

I don't use it myself but this page mentions the DI-604

formatting link
Jason

[snip]
Reply to
Jason Edwards

There is a link in the link I gave you so that you can talk with Wallwatcher author about getting your version of the router to work. If possible, he may be able to program WW to work with the firmware of your router.

Duane :)

Reply to
Duane Arnold

Well try Kiwi Syslog Daemon. You can try the free version out. However, if you want to use all of the features, then you'll have to buy it. You can dump the logs to a database such as Access or SQL Server and use a report writer like Crystal Reports or others to produce reports on-line. Kiwi is very powerful and has a lot of features.

See fir the free version can capture the log.

Duane :)

Reply to
Duane Arnold

It's a program that works in a similar fashion to the Wallwatch program that captures the logs being sent to a Windows desktop machine. It's a more generic application that works with many many different routers, FW appliances and whatnot. It's also an application that is more configurable due to the many types of devices it can work with in capturing logs.

I was using Kiwi Syslog Daemon before I switched back to WW. WW just recently incorporated the ability of using the log data from the Watchguard Firebox III SOHO 6 FW appliance. When I was using a Linksys BEF model router, WW was exclusive to the BEF model routers. Now the application can work with more routers.

However, if the router you have cannot broadcast the log if this is what you're indicating, then you're stuck.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.