[sudo-sys] Request for open port and musings on less logging

Marc Juul marc at juul.io
Wed Dec 1 14:59:42 PST 2021


Can I get a port forward from wan port 2000 to port 22 on 100.64.64.10 ?

Yes it doesn't currently exist since it seems to have turned off and I need
to go turn it back on. I'll create a static dhcpd lease entry for it.

Regarding logging:

It is concerning to me that our dhcpd is storing leases from more than
three days ago in:

/var/lib/dhcp/dhcpd.leases
and
/var/lib/dhcp/dhcpd.leases~

We have 10 minute dhcp leases but this serves as a log of who was in the
building. I guess three days isn't terrible but it's still annoying.
Looking at dhcpd and dhcpd.leases man pages it doesn't appear that any
options exist to change this behavior except that we could probably tell it
to use /dev/null as its leases output which would mean it forgets all
leases on reboot :/

I guess we also have no idea what our proprietary access points are logging
but given that they probably avoid writing much to their flash memory I'd
expect minimal logging, though they could be logging to the "zone
controller". I know Alex has been working on getting OpenWRT running on
some alternate APs we have a lot of that would be appropriate drop-in
replacements so maybe this problem will be solved later.

-- 
marc/juul
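
An added example, not part of the original message or the list's tooling: a small audit of the `dhcpd.leases` retention described above, listing the records that outlive their lease and rebuilding the file text without them. The sample data, the function names and the 10-minute `keep` window are assumptions made for illustration. It also assumes the default UTC timestamp format, and that the pruned text is only written back while dhcpd is stopped.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample in ISC dhcpd.leases syntax (default UTC timestamps).
SAMPLE = """\
# constructed sample, not data from the list's server
lease 100.64.64.23 {
  starts 6 2021/11/27 18:00:00;
  ends 6 2021/11/27 18:10:00;
  binding state free;
  hardware ethernet 02:00:00:aa:bb:01;
}
lease 100.64.64.10 {
  starts 3 2021/12/01 22:50:00;
  ends 3 2021/12/01 23:00:00;
  binding state active;
  hardware ethernet 02:00:00:aa:bb:02;
}
"""

LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)
ENDS_RE = re.compile(r"^\s*ends\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);", re.M)
MAC_RE = re.compile(r"hardware ethernet\s+([0-9a-fA-F:]+);")

def parse_leases(text):
    """Yield (ip, mac, ends, raw_block); ends is None for 'ends never'."""
    for m in LEASE_RE.finditer(text):
        e = ENDS_RE.search(m.group(2))
        ends = (datetime.strptime(e.group(1), "%Y/%m/%d %H:%M:%S")
                .replace(tzinfo=timezone.utc) if e else None)
        mac = MAC_RE.search(m.group(2))
        yield m.group(1), mac.group(1) if mac else None, ends, m.group(0)

def stale_records(text, now, keep=timedelta(minutes=10)):
    """Records whose lease ended more than `keep` ago: the presence log."""
    return [(ip, mac, now - ends) for ip, mac, ends, _ in parse_leases(text)
            if ends is not None and now - ends > keep]

def pruned(text, now, keep=timedelta(minutes=10)):
    """Rebuild the file body keeping only current or recently ended leases."""
    return "\n".join(raw for _, _, ends, raw in parse_leases(text)
                     if ends is None or now - ends <= keep) + "\n"

if __name__ == "__main__":
    now = datetime(2021, 12, 1, 22, 59, 42, tzinfo=timezone.utc)
    for ip, mac, age in stale_records(SAMPLE, now):
        print(f"{ip} {mac} ended {age} ago")
```

The backup copy `dhcpd.leases~` holds the same kind of records, so the same check applies to it.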