From: Larry Merritt-Gilbert (gilbertl~AT~haulpak.com)
Date: Wed Aug 07 2002 - 17:09:05 CEST
Hello all,
I am having a bit of a problem getting fwanalog to produce any output. I am running this on a Slackware 8.0 box with the 2.4.7 kernel. My analog version is 5.23/Unix. The version of fwanalog.sh is 0.6.1.
analog runs fine, I get a report when I run it against my web server log or the sample log. fwanalog simply doesn't put anything into fwanalog.all.log.
-rw-r--r-- 1 root root 893 Aug 7 10:02 alldates.html
-rw-r--r-- 1 root root 0 Aug 7 10:02 analog-domains.tab
-rw-r--r-- 1 root root 0 Aug 7 10:02 fwanalog.all.log
-rw-r--r-- 1 root root 893 Aug 7 10:02 lastweek.html
-rw-r--r-- 1 root root 893 Aug 7 10:02 today.html
-rw-r--r-- 1 root root 373 Aug 7 10:02 today.txt
Here is a sample of my /var/log/syslog file:
Aug 7 10:04:09 rt00 kernel: LAME:IN=eth1 OUT= MAC=00:03:47:75:01:b9:00:c0:7b:6d:7b:c0:08:00 SRC=192.6.234.10 DST=192.137.57.246 LEN=41 TOS=0x10 PREC=0x00 TTL=50 ID=58481 DF PROTO=TCP SPT=40255 DPT=1249 WINDOW=32768 RES=0x00 ACK PSH URGP=0
Aug 7 10:04:21 rt00 kernel: LAME:IN=eth1 OUT= MAC=00:03:47:75:01:b9:00:c0:7b:6d:7b:c0:08:00 SRC=192.6.234.10 DST=192.137.57.246 LEN=41 TOS=0x10 PREC=0x00 TTL=50 ID=58482 DF PROTO=TCP SPT=40858 DPT=1248 WINDOW=32768 RES=0x00 ACK PSH URGP=0
Aug 7 10:04:24 rt00 kernel: Dropped on Input:IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:c0:7b:6d:7b:c0:08:00 SRC=192.137.57.245 DST=192.137.57.247 LEN=132 TOS=0x00 PREC=0x00 TTL=64 ID=62161 PROTO=UDP SPT=520 DPT=520 LEN=112
Any suggestions?
--
Larry Merritt-Gilbert
Systems Analyst - Scientific Systems
Komatsu America International Company
2300 N.E. Adams Street
P.O. Box 240
Peoria, IL 61650-0240
Work:309-672-7475
Cell:309-369-0314
Fax:309-672-7753
mailto:lmerritt-gilbert~AT~kac-peoria.com