From 883308d0766e24d5e03fedac6470ef161e0dad21 Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Mon, 8 Nov 2021 13:57:40 +0100
Subject: [PATCH] [logall] Log ingoing packets as well

---
 roles/logall/templates/rsyslog.d/10-firewall.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/logall/templates/rsyslog.d/10-firewall.conf.j2 b/roles/logall/templates/rsyslog.d/10-firewall.conf.j2
index 61281ea9..99055901 100644
--- a/roles/logall/templates/rsyslog.d/10-firewall.conf.j2
+++ b/roles/logall/templates/rsyslog.d/10-firewall.conf.j2
@@ -15,7 +15,7 @@ if $programname == 'firewall' then /var/log/firewall/iptables.log
 if $syslogfacility == '0' and $msg contains 'ff:ff:ff:ff:ff:ff' then ~
 
 # LOG_ALL pour â€¦ je sais plus Ã  quoi Ã§a sert â€¦
-if $syslogfacility == '0' and $msg contains 'LOG_ALL' and ($msg contains 'SRC=10.' or $msg contains 'SRC=100.64.' or $msg contains 'SRC=172.16.' or $msg contains 'SRC=185.230.76.' or $msg contains 'SRC=185.230.77.' or $msg contains 'SRC=185.230.78.' or $msg contains 'SRC=185.230.79.' or $msg contains 'SRC=2a0c:0700:') then /var/log/firewall/logall.log
+if $syslogfacility == '0' and $msg contains 'LOG_ALL' then /var/log/firewall/logall.log
 &   ~
 
 # LOG_MAC_IP pour l'association mac_ip en ipv6
-- 
GitLab