IPFILTER - Understanding log entries

Sheets, Jason (OZ CEEDR) jason.sheets at hp.com
Mon Sep 13 09:25:01 PDT 2004

If your log is too large I'd carefully evaluate which rules are logging.

>From the goole search: firewall log parsing I received the following
interesting results:

http://www.aetdata.com/tracer/firewalllogtutorial.html talks about
parsing firewall logs

http://www.dixongroup.net/hatchet/ is a tool for parsing OpenBSD PF

> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org [mailto:owner-freebsd-
> questions at freebsd.org] On Behalf Of Darryl Hoar
> Sent: Monday, September 13, 2004 8:13 AM
> To: freebsd-questions at freebsd.org
> Subject: IPFILTER - Understanding log entries
> Greetings,
> I have a machine installed with Freebsd & IPFILTER.
> The machine is setup as a firewall.
> The log files generated are large.  First, is there a
> tutorial or tool that will process the log file and show
> what the threat is ?  (if there is one).
> Also, how do others handle the volume of entries in
> the log file ?
> thanks,
> Darryl
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list