From: "Uwe Kolsch"
To: "Giorgos Keramidas"
Cc: freebsd-questions@freebsd.org
Date: Fri, 18 Jun 2004 11:41:23 +0100
Subject: RE: IPFW log results analysis
In-Reply-To: <20040618103345.GA18531@orion.daedalusnetworks.priv>

> -----Original Message-----
> From: Giorgos Keramidas [mailto:keramida@ceid.upatras.gr]
> Sent: 18 June 2004 11:34 AM
> To: Uwe Kolsch
> Cc: freebsd-questions@freebsd.org
> Subject: Re: IPFW log results analysis
>
>
> On 2004-06-18 10:43, Uwe Kolsch wrote:
> > Is there a tool for FBSD like logwatch on Linux, which can provide a detailed
> > but still somehow summarized output based on the logging results of IPFW. I mean
> > more detailed than this from the daily security run:
> >
> > > 02010 557 48486 deny log ip from any to any out
> > > 10000 1026 49716 deny ip from any to any in setup
> > > 10003 3859 828227 deny ip from any to any in
> >
> > ... and more like this.
>
> You can always write your own shell scripts to parse ipfw logs ;-)

And how do I use a keyboard?

> I haven't heard of any summarizing tools, but if you feel that scripting
> your own is too much it shouldn't be too hard to roll a few custom
> scripts if you tell me what you're looking for in such a report.
>
> - Giorgos
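
A sketch of the kind of custom script the thread suggests, added here as an example and not written by either poster: it counts denied packets in ipfw log lines by rule, protocol, source address, destination port or direction. The function names `sample_log` and `ipfw_summary`, the sample lines, and the assumed IPv4 log layout are all illustrative assumptions.

```shell
#!/bin/sh
# Added example: summarize ipfw packet-log lines read from stdin.
# Assumed layout (IPv4, as syslog writes it to /var/log/security):
#   Mon DD HH:MM:SS host kernel: ipfw: RULE ACTION PROTO SRC DST in|out via IFACE

# Constructed sample input (documentation addresses, not real traffic).
sample_log() {
cat <<'EOF'
Jun 18 10:01:02 gw kernel: ipfw: 10003 Deny TCP 192.0.2.10:4312 198.51.100.5:445 in via fxp0
Jun 18 10:01:05 gw kernel: ipfw: 10003 Deny TCP 192.0.2.10:4313 198.51.100.5:445 in via fxp0
Jun 18 10:02:11 gw kernel: ipfw: 10003 Deny UDP 192.0.2.77:1026 198.51.100.5:137 in via fxp0
Jun 18 10:02:40 gw kernel: ipfw: 2010 Deny TCP 198.51.100.5:3021 203.0.113.9:25 out via fxp0
Jun 18 10:03:00 gw kernel: ipfw: 10003 Deny ICMP:8.0 192.0.2.10 198.51.100.5 in via fxp0
Jun 18 10:03:01 gw last message repeated 2 times
Jun 18 10:03:09 gw kernel: ipfw: limit 100 reached on entry 10003
EOF
}

# ipfw_summary FIELD: count denied packets grouped by FIELD
# (rule, proto, src, dport or dir), highest count first.
ipfw_summary() {
    awk -v want="$1" '
    {
        # Find the "ipfw:" tag so the syslog prefix length does not matter.
        tag = 0
        for (i = 1; i <= NF; i++) if ($i == "ipfw:") { tag = i; break }
        # Skip non-packet lines (repeat notices, "limit reached" messages).
        if (!tag || $(tag + 1) !~ /^[0-9]+$/ || $(tag + 2) != "Deny") next
        f["rule"] = $(tag + 1)
        f["proto"] = $(tag + 3); sub(/:.*/, "", f["proto"])   # ICMP:8.0 -> ICMP
        f["src"] = $(tag + 4);   sub(/:[0-9]+$/, "", f["src"]) # drop source port
        dst = $(tag + 5)
        f["dport"] = (dst ~ /:[0-9]+$/) ? substr(dst, index(dst, ":") + 1) : "-"
        f["dir"] = $(tag + 6)
        if (want in f) n[f[want]]++
    }
    END { for (k in n) print n[k], k }' | LC_ALL=C sort -k1,1nr -k2,2
}

# Demo on the constructed sample; on a real host feed it the log file instead,
# e.g. ipfw_summary src < /var/log/security
sample_log | ipfw_summary rule
```

Only rules that carry the `log` keyword produce such lines, so rules like 10000 and 10003 in the counters quoted above would need `log` added before they show up in this summary.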