I have the destination ports listed in my report. You may have to edit your configuration file.
Mine was in /etc/fwlogwatch.config
<clip>
# The following six options define which criteria will be considered
# when comparing logged packets. You can turn off the source or
# destination IP address distinction ('src_ip_off'/'dst_ip_off') or
# activate the protocol, source and destination port and TCP option
# distinction ('protocol'/'src_port'/'dst_port'/'tcp_opts').
# Command line options: -S / -D / -p / -s / -d / -y
#
#src_ip_off
#dst_ip_off
protocol
#src_port
dst_port
tcp_opts
</clip>
Regards,
Jeff Humes
"Steven W. Orr" wrote:
> On Sat, 23 Mar 2002, Jeffery P. Humes wrote:
>
> =>I like to use fwlogwatch.
> =>
> =>It will write the results in an html format.
> =>
> =>
> =>
> =>Hauser Marcel wrote:
> =>
> =>> Hi everybody
> =>>
> =>> Does anyone know a good iptables log parsing/reporting tool, html based?
> =>> Maybe including sending mail alerts ?
> =>>
> =>> Cheers
> =>>
> =>> Marcel
> Not bad, expect that it doesn't incorporate the ports that were hit in the
> report. Anything else available?
>
> --
> -Time flies like the wind. Fruit flies like a banana. Stranger things have -
> -happened but none stranger than this. Does your driver's license say Organ
> -Donor?Black holes are where God divided by zero. Listen to me! We are all-
> -individuals! What if this weren't a hypothetical question? [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
