Hello pf users!
I've made a set of perl scripts to visualize and drill down in pf logs.
It basically consists of three parts - the log writer, a postgres db, and
a set of perl cgi scripts.
It should be a small task to rewrite it for other log formats as well.
If anyone is interested - you can get it here:
http://espen.mine.nu/project/fireplot3/index.html
A good detection of two port scans:
http://espen.mine.nu/~espen/fireplot3.png
My live log is at: http://espen.mine.nu/cgi-bin/fireplot3/showimg.cgi
Warning: slow server!
Sorry for the bad doc. I'll try to write a new one soon...
Espen