There is another thread on this subject
here. Unfortunately, it is an ancient thread, so I don't know how much use any of the information would be now.
Actually, I did a search in a well-known search engine (search terms: iptables log analysis tool), and a lot of the first page of hits were also ancient, so i don't really know what that means. Maybe, there was more interest in this subject five years ago.
@Noway2
Quote:
It is possible that one of the firewall GUI front ends or server administration packages offer this feature, but again I don't use those either.
|
I'd thought that I'd heard of something similar, but I don't use a GUI front end, so I didn't pay it much attention. There is a description
here of firestarter which may be what i was thinking of, but I can't really remember.
In any case, it seems that what you are asking for could be dealt with by a bit of shell scripting and, say, filtering a log by how many accesses there are from each IP, or something. But, as with Noway2 I'd have to ask how exactly this will help with anything that's important. I mean, everyone gets noise in their log file, but you really want to sort the dangerous stuff from the noise. Does knowing which IP accesses are coming from help you do that?