Re: log interpreter , for report ...

On Tuesday 13 January 2004 1:57 pm, Rakotomandimby Mihamina wrote:

> Hi again,
>
> 1°) This is a line of iptables log
> IN=ppp0 OUT= MAC= SRC=80.14.205.152 DST=80.15.220.67 LEN=48 TOS=0x00
> PREC=0x00 TTL=121 ID=64444 DF PROTO=TCP SPT=4717 DPT=135 WINDOW=16384
> RES=0x00 SYN URGP=0
>
> How can I see which port has been attempted?

PROTO=TCP DPT=135

This means TCP, destination port 135.

> 2°) Is fwlogwatch a tool that will help me to make the logs more readable,
> or a tool that will tell me that something is attempting to @#$£ my
> network?
>
> What I'm looking for is something like this:
> http://www.gege.org/iptables/
> but I don't want to install SQL nor Apache/PHP.

Export your log files to another machine and run SQL / Apache / PHP on that.

> I just want a kind of report of what has been DROPped but in a readable
> format...
>
> Anyway, the logging format can be read, but it needs training, and I
> have no training.

If you are managing a firewall you will soon learn how to read the logs.

If you want some sort of log analysis tool without installing extra software 
on your firewall then export the logs to a machine which you can do the 
analysis on.

Regards,

Antony.

-- 
If you want to be happy for an hour, get drunk.
If you want to be happy for a year, get married.
If you want to be happy for a lifetime, get a garden.

                                                     Please reply to the list;
                                                           please don't CC me.
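
An added example, not part of the original message: a small Python script that could run on the machine the logs are exported to, turning iptables LOG lines into a readable one-line description and a per-port summary. The function names are hypothetical, and every sample line except the first (quoted in the thread) is constructed.

```python
import re
from collections import Counter

# Constructed sample input: line 1 is the one quoted in the thread; the rest
# are made up for illustration and use documentation address ranges.
SAMPLE_LOG = """\
IN=ppp0 OUT= MAC= SRC=80.14.205.152 DST=80.15.220.67 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=64444 DF PROTO=TCP SPT=4717 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
IN=ppp0 OUT= MAC= SRC=192.0.2.10 DST=80.15.220.67 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=1201 DF PROTO=TCP SPT=3301 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
IN=ppp0 OUT= MAC= SRC=198.51.100.7 DST=80.15.220.67 LEN=78 TOS=0x00 PREC=0x00 TTL=50 ID=77 PROTO=UDP SPT=1026 DPT=137 LEN=58
IN=ppp0 OUT= MAC= SRC=203.0.113.5 DST=80.15.220.67 LEN=84 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
"""

TOKEN = re.compile(r"\b([A-Z]+)=(\S*)")          # KEY=value pairs; value may be empty (OUT=, MAC=)
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}  # logged as bare words, not KEY=value

def parse_line(line):
    """Return a dict of the LOG fields plus a 'FLAGS' list, or None if the line is not a LOG entry."""
    fields = {}
    for key, value in TOKEN.findall(line):
        fields.setdefault(key, value)  # first LEN/ID is the IP header; later ones are UDP/ICMP
    if "SRC" not in fields or "PROTO" not in fields:
        return None
    fields["FLAGS"] = [w for w in line.split() if w in TCP_FLAGS]
    return fields

def describe(f):
    """One readable line per packet: who tried to reach what."""
    what = f["PROTO"]
    if "DPT" in f:                     # TCP and UDP carry a destination port
        what += f" port {f['DPT']}"
        if f["FLAGS"]:
            what += " (" + ",".join(f["FLAGS"]) + ")"
    elif f["PROTO"] == "ICMP":         # ICMP has a type instead of ports
        what += f" type {f.get('TYPE', '?')}"
    return f"{f['SRC']} -> {f['DST']} {what} on {f.get('IN') or '-'}"

def report(text):
    """Count logged packets per (protocol, destination port), most frequent first."""
    hits = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f:
            hits[(f["PROTO"], f.get("DPT", "-"))] += 1
    return hits.most_common()

if __name__ == "__main__":
    print("\n".join(describe(parse_line(l)) for l in SAMPLE_LOG.splitlines()))
    for (proto, dpt), n in report(SAMPLE_LOG):
        print(f"{n:4d}  {proto:5s} dpt={dpt}")
```

The parser matches `KEY=value` tokens anywhere in the line, so a syslog timestamp or a `--log-prefix` string in front of `IN=` does not disturb it.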



