Heya LEAF'rs. Been working on something new:
http://www.echogent.com/cgi-bin/fwlog.pl
It's a firewall packet log processor. So, stick
in something like:
Apr 25 15:18:13 lrp kernel: Packet log: input DENY eth0 PROTO=6
199.172.144.146:80 65.11.107.82:8499 L=1500 S=0x00 I=34491 F=0x4000
T=51 (#58)
...and it'll make an educated guess about what
you're seeing, how important it is, etc.
Apologies if they're any hiccups in the graphics
or anything. Am not an HTML jockey. As always, please let
me know if you see any problems with it before I mention
it on LRP.
Also, of course, if you have a packet log that
this processor cannot handle, please let me know. Or if
you know what a packet "means" and this tool isn't telling
it to you...let me know that too so that I can put in a
rule to handle it appropriately.
Thanks!
-Scott
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
