[Shorewall-users] Log parsers that work with shorewall ?
Axel at congos-tools.com
Thu Dec 18 22:33:04 PST 2003
On Thu, 2003-12-18 at 02:39, Leslie Hazelton wrote:
> I would like to have a good log parser for my shorewall firewall.
> Specifically, I want detailed reports on iptables blocked packets,
> including date and time. I saw the list in (FAQ-6a) and got a copy of
> logwatch because Tom said it was the one he chose.
> I find that the kernel service provides a limited summary of dropped
> packets, but not in a format I can use. Being somewhat lazy, I was
> wondering if anyone else is using logwatch and has made such
> modifications they would be willing to share.
> I scanned the shorewall documentation and user guides looking for a page
> like the one where Tom shares his personal shorewall configuration but
> found nothing relating to logwatch. I also scanned google and the
> logwatch mailing list archive with the same results.
> Les Hazelton
> --- Registered Linux user # 272996 ---
the last time I had to deal with this for a customer I decided to use
ulog and mysql. It is fast, easy enough to install and there are various
ways to get an idea where, when and why packets got dropped/rejected. I
think it is a really flexible solution.
DTS Systeme GmbH
More information about the Shorewall-users