[fwAnalog] [charles~AT~silvertyne.com: Cross platform analysis (OpenBSD logs on Debian)?]

From: Charlie Winckless (charles~AT~silvertyne.com)
Date: Tue Jun 03 2003 - 08:20:52 CEST



OK.

Never mind.

Having /read/ the script, I see that I /must/ run fwanalog on OpenBSD for this to work.

Apologies for the wasted bandwidth.

From: Charlie Winckless <charles~AT~silvertyne.com>
User-Agent: Mutt/1.4i
To: fwanalog~AT~tud.at
Date: Mon, 2 Jun 2003 23:45:44 -0600
Subject: Cross platform analysis (OpenBSD logs on Debian)?

I skimmed over the archives and found nothing on this:

Has anyone else tried this? I think I'm running into some weird sort of tcpdump inconsistency - after mirroring the pflog output from the OpenBSD firewall on a more general purpose Debian box, I receive the following error:

tcpdump: unknown data link type 17

... and, obviously, get blank output from fwanalog.

Just wanted to check that I wasn't missing something totally obvious, and that what I should do is just do the analysis on the OpenBSD box and then move the output somewhere. :P

For reference, versions are:

OpenBSD 3.0
Debian (stable) (woody)
fwanalog 0.6.3
analog 5.32
tcpdump 3.6.2 (Debian)

--



Charlie Winckless | charles (at) silvertyne (dot) com
            "Time is an illusion. Lunchtime doubly so"
					-- Ford Prefect
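
The check behind the error in this thread, as an added example that is not part of the original post or of fwanalog: it reads the link-layer type from a capture file's pcap header, so a mirrored pflog can be inspected before analysis is attempted on another platform. The function names and the sample header are constructed for illustration; reading 17 as OpenBSD's native pflog number (with 117 as the portable DLT_PFLOG) is an assumption taken from libpcap's link-type numbering.

```python
import struct
import sys

PCAP_HDR = 24  # bytes in the classic pcap global (file) header
# First four bytes: magic number, which also reveals the writer's byte order.
MAGIC_TO_ENDIAN = {
    b"\xa1\xb2\xc3\xd4": ">", b"\xd4\xc3\xb2\xa1": "<",   # microsecond stamps
    b"\xa1\xb2\x3c\x4d": ">", b"\x4d\x3c\xb2\xa1": "<",   # nanosecond stamps
}
# Small subset of libpcap link-type numbers, enough for this diagnosis.
KNOWN_DLT = {0: "DLT_NULL", 1: "DLT_EN10MB", 117: "DLT_PFLOG"}
OLD_OPENBSD_PFLOG = 17  # the value in the tcpdump error quoted in the thread


def pcap_linktype(header: bytes) -> int:
    """Return the link-layer type stored in a pcap file header."""
    if len(header) < PCAP_HDR:
        raise ValueError("truncated pcap header")
    endian = MAGIC_TO_ENDIAN.get(header[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (bad magic)")
    # Fields after the magic: version major/minor, thiszone, sigfigs,
    # snaplen, network (the link type).
    *_, network = struct.unpack(endian + "HHiIII", header[4:PCAP_HDR])
    return network & 0xFFFF  # low 16 bits carry the link type


def diagnose(header: bytes) -> str:
    """One-line verdict on whether the file needs the OpenBSD host."""
    dlt = pcap_linktype(header)
    if dlt == OLD_OPENBSD_PFLOG:
        return "17: OpenBSD-native pflog; analyse on the OpenBSD host"
    return f"{dlt}: {KNOWN_DLT.get(dlt, 'not in this table')}"


# Constructed sample: header as a little-endian host writes it, link type 17.
SAMPLE_PFLOG = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 96, 17)

if __name__ == "__main__":
    if len(sys.argv) > 1:          # path to a mirrored capture file
        with open(sys.argv[1], "rb") as fh:
            print(diagnose(fh.read(PCAP_HDR)))
    else:
        print(diagnose(SAMPLE_PFLOG))
```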


This archive was generated by hypermail 2.1.5 : Tue Jun 10 2003 - 22:22:03 CEST