From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 19 07:11:38 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A900016A41C
	for <questions@freebsd.org>; Tue, 19 Jul 2005 07:11:38 +0000 (GMT)
	(envelope-from norgaard@locolomo.org)
Received: from top.daemonsecurity.com (62-14-217-85.inversas.jazztel.es
	[62.14.217.85]) by mx1.FreeBSD.org (Postfix) with ESMTP id 35D2643D48
	for <questions@freebsd.org>; Tue, 19 Jul 2005 07:11:37 +0000 (GMT)
	(envelope-from norgaard@locolomo.org)
Received: from [172.24.9.171] (generic.ATOSORIGIN.ES [212.170.156.200])
	by top.daemonsecurity.com (Postfix) with ESMTP id A14BFFE6CC
	for <questions@freebsd.org>; Tue, 19 Jul 2005 09:09:10 +0200 (CEST)
Message-ID: <42DCA79F.1070109@locolomo.org>
Date: Tue, 19 Jul 2005 09:11:27 +0200
From: =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org>
Organization: Locolomo.ORG
User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050529)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: FreeBSD Questions <questions@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: 
Subject: Perl module for parsing tcpdump file
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2005 07:11:38 -0000

Hi,

I was wondering if there is a perl module that can read the tcpdump 
formated files produced by pflog. I've been looking in the ports 
collection but can't seem to fine a port whose name decrypts to tcpdump.

I have a script that parses my maillog and blocks owned hosts or relays 
used by owned hosts. Now, I'd like to parse the firewall log to unblock 
those who have become sane again.

Thanks, Erik

-- 
Ph: +34.666334818                           web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2