From: "Darryl Hoar"
Reply-To: darryl@osborne-ind.com
Delivered-To: freebsd-questions@freebsd.org
Date: Mon, 13 Sep 2004 09:13:21 -0500
Subject: IPFILTER - Understanding log entries

Greetings,

I have a machine installed with FreeBSD & IPFILTER. The machine is set up as a firewall. The log files generated are large.

First, is there a tutorial or tool that will process the log file and show what the threat is? (if there is one).

Also, how do others handle the volume of entries in the log file?

thanks,
Darryl