The IDS Log Formatter Script is a Lua script which can be used to generate a log file line for the IDS (Intrusion Detection System) log file generated by the SMTP service in reaction to certain events. This log file can be parsed by external software for reporting or automated firewall management.
Script Filename: IDSLINE.LUA
Function: ProcessLine
Syntax: ProcessLine(<Client IP address>, <Event Type Number>, <Event Data>, <Format>, <Log File>)
Returns: <NewFormat>, <New Log File>
If the function exists, then a 'do nothing' version of the function would be:
function ProcessLine(clientaddr, evttype, evtdata, format, logfile)
return format, logfile
end
•Client IP Address - IP address of the computer trying to send to VPOP3
•Event Type Number - defined in the SMTP Server IDS topic.
•Event Data - context dependent data depending on the Event Type (eg the recipient address, bad command, etc)
•Format - the IDS log line format specified in the VPOP3 SMTP Server settings - will probably contain text replacements
•Log File - the IDS log file name specified in the VPOP3 SMTP Server settings
•Format - the new log line format. This may contain text replacements but doesn't need to. If it does, then VPOP3 will process them as normal, but the ProcessLine function can return a fully formatted log line instead of a new format definition.
•Log File - the new IDS log file (may be the same as the parameter value, but the script may change it - eg for rotating log files etc).