From owner-freebsd-questions@FreeBSD.ORG  Fri Nov 25 03:38:25 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4960416A420
	for <freebsd-questions@freebsd.org>;
	Fri, 25 Nov 2005 03:38:25 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: from nic.ach.sch.gr (nic.sch.gr [194.63.238.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7C0CB43D5E
	for <freebsd-questions@freebsd.org>;
	Fri, 25 Nov 2005 03:38:20 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: (qmail 22949 invoked by uid 207); 25 Nov 2005 03:38:18 -0000
Received: from keramida@ceid.upatras.gr by nic by uid 201 with
	qmail-scanner-1.21 
	(sophie: 3.04/2.30/3.97.  Clear:RC:1(81.186.70.191):. 
	Processed in 4.805324 secs); 25 Nov 2005 03:38:18 -0000
Received: from dialup191.ach.sch.gr (HELO flame.pc) ([81.186.70.191])
	(envelope-sender <keramida@ceid.upatras.gr>)
	by nic.sch.gr (qmail-ldap-1.03) with AES256-SHA encrypted SMTP
	for <jbronson@wixb.com>; 25 Nov 2005 03:38:13 -0000
Received: from flame.pc (flame [127.0.0.1])
	by flame.pc (8.13.4/8.13.4) with ESMTP id jAP3bOMn016769;
	Fri, 25 Nov 2005 05:37:24 +0200 (EET)
	(envelope-from keramida@ceid.upatras.gr)
Received: (from keramida@localhost)
	by flame.pc (8.13.4/8.13.4/Submit) id jAP3bOp5016768;
	Fri, 25 Nov 2005 05:37:24 +0200 (EET)
	(envelope-from keramida@ceid.upatras.gr)
Date: Fri, 25 Nov 2005 05:37:24 +0200
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: JD Bronson <jbronson@wixb.com>
Message-ID: <20051125033724.GA16668@flame.pc>
References: <6.2.5.6.2.20051124193206.00bf34b8@sixcompanies.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <6.2.5.6.2.20051124193206.00bf34b8@sixcompanies.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: pflog summary script?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Nov 2005 03:38:25 -0000

On 2005-11-24 19:33, JD Bronson <jbronson@wixb.com> wrote:
> Does anyone have a simple shell/perl script that can take
> /var/log/pflog and parse it into a simple txt or html?
>
> I would like to cron a script that can clean up the output of pflog
> and put it into something more readable...
>
> Basically something that looks like:
>
> Time - SourceIP - Destination Port
>
> or a count of these as well.

I think what you want is something like the scripts included in these posts:

http://keramida.serverhive.com/weblog/archives/2004-12-28/switching-from-ipfilter-to-pf
http://keramida.serverhive.com/weblog/archives/2005-01-04/more-fun-with-the-pf9-firewall

They are far from perfect and definitely not what I'd call "production
quality", but they will serve fine as a starting point while you write
your own, I guess ;)