Hi, I want a program which displays in a nice format in the browser iptables logs.
Something like BASE does for snort alerts.

I found IPTables Log Analyzer ( http://www.gege.org/iptables/ ), but it is only a beta version and I don't like this.
There is also sawmill ( www.sawmill.net ). I’ve installed it, but I don't like it very much and it's not free.

Does anybody use IPTables Log Analyzer?

What do you use?

fwanalog

fwanalog is a shell script that parses and summarizes firewall logfiles.

http://tud.at/programm/fwanalog/


Logrep is a secure multi-platform framework for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi dimensional analysis, overview pages, SSH communication, and graphs, and supports 18 popular systems including Snort, Squid, Postfix, Apache, Sendmail, syslog, ipchains, iptables, NT event logs, Firewall-1, wtmp, xferlog, Oracle listener and Pix.

http://www.l0t3k.net/tools/Loganalys...e-1.4.2.tar.gz

IPTables log analizer (TODO : find a nice name for it) displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page (it support rough netfilter logs but also Shorewall and Suse Firewall logs).

http://www.l0t3k.net/tools/Loganalys...er_v0.4.tar.gz

fwanalog is a shell script that parses and summarizes firewall logfiles. It currently (version 0.6.4pre4) understands logs from ipf (tested with OpenBSD 2.8's and 2.9's ipf, also FreeBSD, NetBSD and Solaris 8 with ipf), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, some ZyXEL/NetGear routers and (experimentally) Cisco PIX, Watchguard Firebox and Firewall-One (not NG!) firewalls.

http://www.tud.at/

thanks,
I will try them.

Newb Question.

I downloaded the file http://www.l0t3k.net/tools/Loganaly...ce-1.4.2.tar.gz , what do i do with it.. yes it sounds stupid... But i untared it.. then what?

For a new pragram you want to install you have to read:
1) README
2) INSTALL
3)HOWTO

4)Search on GOOGLE