From: Balázs Bárány (balazs~AT~tud.at)
Date: Thu Jul 03 2003 - 14:16:23 CEST
Hello,
> What it looks like to do is using a logformat for parsing apaches
> access.log.
That's the idea behind fwanalog: it just converts its input (firewall
logfiles in different formats) to an output that Analog understands.
> I don't know why because in fwanalog.opts I have set the logformat to
> iptables.
That's correct.
> 193.79.237.39 - IPT [2/Jul/2003:08:14:35 +0200] "GET
> /192.168.3.73/UDP/39030/ HTTP/1.0" 200 74 "http://53/"
> "00:01:02:e2:0d:9d:00:30:6e:06:7c:c1:08:00" 0 eth0
That looks OK, too.
I don't really see a problem with your setup. Could you delete everything from your output directory and try again? If that fails, could you try the current fwanalog version from the homepage?
Regards
-- _________________________________________________________________________ Balázs Bárány balazs~AT~tud.at http://tud.at ICQ 10747763 A good engineer will make considerable effort to avoid additional effort.
This archive was generated by hypermail 2.1.5 : Fri Jul 11 2003 - 09:42:03 CEST