IPTables Upgrade

From: Brian Kejser (bkejser@KAISERDIGITAL.com)
Date: 07/22/01


Message-ID: <67EA3300B8C86F45957019092253E91D04C1AA@morpheus.kaiserdigital.com>
From: Brian Kejser <bkejser@KAISERDIGITAL.com>
To: "'focus-linux@securityfocus.com'" <focus-linux@securityfocus.com>
Subject: IPTables Upgrade
Date: Sun, 22 Jul 2001 05:13:11 -0700

Hi

I recently upgraded my ipchains firewall to iptables and I need to parse my
log files on a daily basis to look for unusual activity. I could write the
script myself, but it would be very basic. Does anyone know of a parsing tool
for iptables logs? I used to use pflap for ipchains.

Thanks
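
Added example, not part of the original post and not taken from any tool named in the thread: a daily-summary parser for the `KEY=value` lines the iptables LOG target writes to syslog, counting packets per source and flagging sources that touched several distinct destination ports. The sample lines, the `FW-DROP: ` log prefix, the host name `gw` and the threshold of 3 ports are assumptions made for the illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample: kernel LOG-target lines as written to syslog.
# "FW-DROP: " is an assumed --log-prefix; addresses are documentation ranges.
SAMPLE_LOG = """\
Jul 22 05:01:10 gw kernel: FW-DROP: IN=eth0 OUT= MAC=00:10:5a:00:00:01:00:10:5a:00:00:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4321 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 22 05:01:11 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4322 DF PROTO=TCP SPT=40113 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 22 05:01:12 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4323 DF PROTO=TCP SPT=40114 DPT=111 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 22 05:02:40 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.4 DST=192.0.2.10 LEN=78 TTL=110 ID=900 PROTO=UDP SPT=137 DPT=137 LEN=58
Jul 22 05:02:41 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.4 DST=192.0.2.10 LEN=84 TTL=110 ID=901 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
Jul 22 05:03:00 gw sshd[812]: Connection closed by 192.0.2.55
"""

# KEY=value pairs; bare flags such as SYN or DF carry no "=" and are skipped.
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line):
    """Return the KEY=value fields of one LOG line, or None for other syslog lines."""
    if "kernel:" not in line or "SRC=" not in line:
        return None
    return dict(FIELD.findall(line))


def summarize(text, scan_threshold=3):
    """Count hits per source and flag sources that touched many distinct ports."""
    hits = Counter()
    ports = defaultdict(set)
    for line in text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue
        src = fields["SRC"]
        hits[src] += 1
        if "DPT" in fields:  # ICMP entries carry TYPE/CODE instead of ports
            ports[src].add((fields["PROTO"], int(fields["DPT"])))
    suspects = sorted(s for s, p in ports.items() if len(p) >= scan_threshold)
    return hits, ports, suspects


if __name__ == "__main__":
    hits, ports, suspects = summarize(SAMPLE_LOG)
    for src, n in hits.most_common():
        dports = sorted(port for _, port in ports[src])
        print(f"{src:15} {n:3} packets  dports={dports}")
    print("many distinct ports (possible scan):", suspects)
```

To run it daily against a real file, pass the file's contents to `summarize()` in place of `SAMPLE_LOG`.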


