iptables log analysis
David A. Bandel
david
Mon May 17 11:37:55 PDT 2004
On Fri, 20 Sep 2002 11:27:55 +0800
begin "m.w.chang" <mwchang at netvigator.com> spewed forth:
>
> anyone got an *existing* script that could list
> the ports being blocked by iptables in /var/log/messages
> plus the number of hits. like this:
>
> # chkhit /var/log/messages
> port,hits
> 25,10
> 139,1
> 6112,20
> #
>
> sorting is not important.
>
> I think I need to use perl if I am to write one.
> can I do it with bash+utils only?
I don't have one for your system, but if you post the iptables LOG rule,
and/or one of the lines from /var/log/messages you're interested in, a
script can be easily done.
I have a few that probably just need modification for your purposes.
Ciao,
David A. Bandel
--
Focus on the dream, not the competition.
-- Nemesis Racing Team motto
More information about the Linux-users
mailing list