From: Zakai Kinan (titanyen2000~AT~yahoo.com)
Date: Sun Feb 20 2005 - 04:24:28 CET
The information that fwanalog spits out is not
intuitive. It does not tell me the IP addresses that
are attacking my pix firewall. Am I misreading
something?
TIA for any info.
ZK
> Hi,
>
> * James Joyce <calipah~AT~free.fr> [2005-02-12 00:07]:
> > fwanalog: No input files in the '/var/log'
> directory
> > named messages* and under 31 days old.
> it's strange that the same command works in the
> shell but not in fwanalog.
>
> You can hard-code "/var/log/messages.0
> /var/log/messages" (or whatever the
> name of your first rotated file is) into
> fwanalog.opts in the inputfiles=
> line. (The find stuff is just for convenience, it
> works on almost all
> systems.) Just make sure that you have a
> chronological order, the older
> file must come before the newer one, else you will
> get entropy-driven
> results.
>
> Regards
> --
>
This archive was generated by hypermail 2.1.5 : Mon Feb 21 2005 - 22:22:04 CET