Remote logging iptables/rsyslogd

Dear all,

First, I would like to congratulate you for the hard work around the LEDE project. Previously I used OpenWRT but was worried about the quality of compilation and support.

I am running LEDE on TP-Link WDR-3600 and could upgrade smoothly. I see a nice and updated 4.4 kernel. And I hope that you will soon provide full reproducible builds, as stated

My question is very general: I would like to log all activities using iptables and rsyslog and send logging to a remote system.

Are you aware of a working solution with LEDE? Which packages should I install? What (free) logging services are available?

Kind regards,
French Fries

Answering myself: works like a charm.
I installed rsyslogd and was able to send logging to Loggly very easily.

opkg install rsyslogd and then pasted the Loggly recommended settings in /etc/rsyslogd.conf:

$MaxMessageSize 64k
# Setup disk assisted queues
$WorkDirectory /var/log/spool # where to place spool files
$ActionQueueFileName fwdRule1 # unique name prefix for spool files
$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
$ActionQueueType LinkedList # run asynchronously
$ActionResumeRetryCount -1 # infinite retries if host is down

# Double quotes inside the template string must be backslash-escaped.
template(name="LogglyFormat" type="string"
string="<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [xxxxxxxxxxxxxxxxxxxxx tag=\"TAG\"] %msg%\n")

# Send messages to Loggly over TCP using the template.
action(type="omfwd" protocol="tcp" target="logs-01.loggly.com" port="514" template="LogglyFormat")

The only difference with Loggly default settings is that LEDE does not preserve /var/spool/log over reboots; therefore, I used /var/log/spool

Then I modified /etc/config/firewall
with option log '1'
whenever needed.

Kind regards,

Hope this helps!
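
As an added example that is not part of the original post: a small Python parser that a collector could run over lines forwarded with the LogglyFormat template, pulling the iptables fields out of each firewall entry and counting the most-hit destination ports. The sample lines, the REJECT(src wan) log prefix, the TOKEN placeholder and the addresses are constructed for illustration.

```python
import re
from collections import Counter

# Header as laid out by the LogglyFormat template:
# <pri>version timestamp hostname app-name procid msgid [structured-data] msg
HEADER = re.compile(
    r'^<(?P<pri>\d{1,3})>(?P<version>\d+) (?P<timestamp>\S+) (?P<host>\S+) '
    r'(?P<app>\S+) (?P<procid>\S+) (?P<msgid>\S+) \[(?P<sd>[^\]]*)\]\s*(?P<msg>.*)$')
# netfilter LOG entries always carry "IN=<if> OUT=<if>"; either value may be empty
FW = re.compile(r'\bIN=\S* OUT=\S*')
PAIR = re.compile(r'\b([A-Z]+)=(\S*)')

def parse_line(line):
    """Return a dict for one forwarded firewall line, or None for anything else."""
    m = HEADER.match(line.rstrip('\n'))
    fw = FW.search(m['msg']) if m else None
    if not fw:
        return None
    msg, pri = m['msg'], int(m['pri'])
    rec = {'timestamp': m['timestamp'], 'host': m['host'],
           'facility': pri >> 3, 'severity': pri & 7,
           'prefix': msg[:fw.start()].strip()}   # the --log-prefix text
    # KEY=value pairs (SRC, DST, PROTO, DPT, ...); bare flags such as SYN are skipped
    rec.update({k.lower(): v for k, v in PAIR.findall(msg[fw.start():])})
    return rec

def top_blocked_ports(lines, n=3):
    """Count (protocol, destination port) pairs across firewall records."""
    hits = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec.get('dpt'):            # ICMP entries have no DPT
            hits[(rec['proto'], int(rec['dpt']))] += 1
    return hits.most_common(n)

# Constructed sample input: four firewall entries and one unrelated daemon line.
_H = ('<4>1 2017-03-01T10:15:02+00:00 lede kernel - - [TOKEN tag="TAG"] '
      'REJECT(src wan)IN=eth0.2 OUT= MAC=00:11:22:33:44:55 ')
SAMPLE = [
    _H + 'SRC=203.0.113.7 DST=198.51.100.2 LEN=40 TTL=244 PROTO=TCP SPT=45678 DPT=23 SYN URGP=0',
    _H + 'SRC=203.0.113.8 DST=198.51.100.2 LEN=60 TTL=51 PROTO=TCP SPT=50122 DPT=22 SYN URGP=0',
    _H + 'SRC=203.0.113.7 DST=198.51.100.2 LEN=40 TTL=244 PROTO=TCP SPT=45679 DPT=23 SYN URGP=0',
    _H + 'SRC=203.0.113.9 DST=198.51.100.2 LEN=84 TTL=52 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1',
    '<30>1 2017-03-01T10:15:03+00:00 lede dnsmasq-dhcp 1234 - [TOKEN tag="TAG"] '
    'DHCPACK(br-lan) 192.168.1.10 00:11:22:33:44:55',
]

if __name__ == '__main__':
    print(top_blocked_ports(SAMPLE))
```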