I'm not particularly impressed with WallWatcher myself. My thought here was to have a more visual logging system built into the firewall web interface itself.
We can already peruse the state table and see basic performance data, plus a snazzy SVG traffic graph, why not have a built-in/add-on log analyzer? Ted Crow Information Technology Manager Tuttle Services, Inc. -----Original Message----- From: Greg Hennessy [mailto:[EMAIL PROTECTED] Sent: Friday, July 29, 2005 2:02 PM To: [email protected] Subject: RE: [pfSense-discussion] Thoughts on Hatchet Adding something such as ~ # grep -i pflog /etc/rc.local echo -n "pflog -> syslog" ifconfig pflog0 up tcpdump -s 96 -l -e -t -i pflog0 | logger -p local0.info -t pf & ~ # ~ # ~ # grep local0.info /etc/syslog.conf local0.info /var/log/pflog.txt local0.info @loghost Dynamically add loghost as appropriate, May be a quick win to get firewall logs off the box and onto to something else on the network via syslog. Personally I use kiwi syslog with some filters to provide separate displays of Pass In, Pass Out and Block traffic. About 12 months ago, I knocked up an exceedingly nasty perl hack to massage PF log output into a form digestible by http://www.sonic.net/wallwatcher/, wasn't really impressed with the overhead though. It might be worth emailing the author with some sample logs and ask him to add PF support. Greg > -----Original Message----- > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > Sent: 29 July 2005 18:41 > To: Ted Crow > Cc: [email protected] > Subject: Re: [pfSense-discussion] Thoughts on Hatchet > > Colin worked on this for quite some time to no avail. Until someone > else steps up and does the work its not happening. > > On 7/29/05, Ted Crow <[EMAIL PROTECTED]> wrote: > > > > Pfstat is all well and good, but I was just wondering if you guys > > looked at Hatchet at all? > > > > http://www.dixongroup.net/hatchet/ > > > > It looks like it could be integrated or adapted directly > into the system... > > it does have fair number of dependencies though. > > > > Ted Crow > > Information Technology Manager > > Tuttle Services, Inc. > > >
