iptables log analysis
m.w.chang
mwchang
Mon May 17 11:37:55 PDT 2004
I just need an example to get started. My Perl is really weak despite my
agility in FoxPro and C.
Sep 20 19:51:44 server kernel: iptables IN=ppp0 OUT= MAC=
SRC=64.4.13.202 DST=218.102.112.235 LEN=40 TOS=0x00 PREC=0x00 TTL=119
ID=17967 PROTO=TCP SPT=1863 DPT=3018 WINDOW=16821 RES=0x00 ACK FIN RGP=0
That's one sample entry. I will process the lines with "DPT=" and then
plot number of hits vs. port number. That's more useful and interesting
than browsing the whole log file.
>> # chkhit /var/log/messages
>> port,hits
>> 25,10
>> 139,1
>> 6112,20
>> #
> I have a few that probably just need modification for your purposes.
--
.~. Swiftly. Silently. Invisibly. In Linux we trust.
/ v \ news://news.hkpcug.org
/( _ )\ http://www.linux-sxs.org
^ ^ 2.4.19 7:45pm up 14 min, 0 users, load average: 1.00, 1.04, 0.71
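An added example, not from the original post or its replies: a small Python 3 script that does what the poster describes (the hypothetical "chkhit"), tokenising the iptables LOG line into KEY=VALUE fields plus bare flag tokens (ACK, FIN, SYN, DF), counting hits per DPT and printing CSV. It goes slightly beyond the post by keeping PROTO in the key, since TCP and UDP ports share the same number space, and by skipping ICMP lines (which carry TYPE=/CODE= instead of DPT=) and non-firewall kernel/syslog lines. The sample lines are constructed in the format of the quoted entry, and the "iptables" log prefix is assumed to be the --log-prefix used in the rules.

```python
#!/usr/bin/env python3
"""Count iptables LOG hits per destination port (hypothetical 'chkhit')."""
import sys
from collections import Counter

# Constructed sample lines in the iptables LOG format quoted in the post
# (not a real log; the sshd line shows that non-firewall lines are skipped).
SAMPLE_LOG = """\
Sep 20 19:51:44 server kernel: iptables IN=ppp0 OUT= MAC= SRC=64.4.13.202 DST=218.102.112.235 LEN=40 TOS=0x00 PREC=0x00 TTL=119 ID=17967 PROTO=TCP SPT=1863 DPT=3018 WINDOW=16821 RES=0x00 ACK FIN URGP=0
Sep 20 19:52:01 server kernel: iptables IN=ppp0 OUT= MAC= SRC=10.0.0.5 DST=218.102.112.235 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=4321 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Sep 20 19:52:02 server kernel: iptables IN=ppp0 OUT= MAC= SRC=10.0.0.6 DST=218.102.112.235 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=2 DF PROTO=TCP SPT=4322 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Sep 20 19:52:03 server kernel: iptables IN=ppp0 OUT= MAC= SRC=10.0.0.7 DST=218.102.112.235 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=3 PROTO=UDP SPT=1029 DPT=137 LEN=58
Sep 20 19:52:04 server kernel: iptables IN=ppp0 OUT= MAC= SRC=10.0.0.8 DST=218.102.112.235 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=4 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
Sep 20 19:52:05 server sshd[1234]: Accepted password for user from 10.0.0.9 port 51000 ssh2
"""

LOG_PREFIX = "iptables"  # assumption: the --log-prefix used in the LOG rules


def parse_fields(line):
    """Split one kernel log line into (fields, flags).

    KEY=VALUE tokens go into `fields` (first occurrence wins, because LEN=
    and ID= appear twice on UDP and ICMP lines); bare tokens such as SYN,
    ACK, FIN or DF go into `flags` (the log prefix word lands there too).
    Returns (None, None) for lines that are not firewall log entries.
    """
    if "kernel:" not in line or LOG_PREFIX not in line:
        return None, None
    body = line.split("kernel:", 1)[1]
    fields, flags = {}, []
    for tok in body.split():
        if "=" in tok:
            key, _, value = tok.partition("=")
            fields.setdefault(key, value)  # keep the IP-level LEN=/ID=
        else:
            flags.append(tok)
    return fields, flags


def count_hits(lines):
    """Return a Counter of (PROTO, DPT) -> hits over an iterable of log lines."""
    hits = Counter()
    for line in lines:
        fields, _ = parse_fields(line)
        if not fields or "DPT" not in fields:
            continue  # not a firewall line, or ICMP (TYPE=/CODE=, no DPT=)
        hits[(fields.get("PROTO", "?"), int(fields["DPT"]))] += 1
    return hits


def format_csv(hits):
    """Render 'proto,port,hits' rows sorted by port, like the post's chkhit output."""
    rows = ["proto,port,hits"]
    for (proto, port), n in sorted(hits.items(), key=lambda kv: (kv[0][1], kv[0][0])):
        rows.append(f"{proto},{port},{n}")
    return "\n".join(rows)


if __name__ == "__main__":
    # Usage: chkhit.py /var/log/messages   (no argument: run on the sample above)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            print(format_csv(count_hits(fh)))
    else:
        print(format_csv(count_hits(SAMPLE_LOG.splitlines())))
```

The tokeniser is the part worth getting right: a naive split on "=" breaks on the bare TCP flag tokens and on the empty OUT= and MAC= values, and the UDP and ICMP entries repeat LEN= and ID=, so the first occurrence is kept deliberately. Piping the CSV into gnuplot or a spreadsheet gives the hits-vs-port plot the poster wants.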