Hello,
I recently installed an OpenBSD 4.0 box and am now looking for a log analyzer.
Context:
OpenBSD ... 4.0 GENERIC#0 i386
analog-6.0p0
fwanalog-0.6.4 and fwanalog-0.6.9
The provided sample of fwanalog at
http://tud.at/programm/fwanalog/sample-report.html
is the kind of report I am looking for.
I installed fwanalog (and analog), but the opts files provided
(fwanalog.opts.openbsd, fwanalog.opts.openbsd3) don't seem to
support OpenBSD 4. The execution of fwanalog.sh works and produces
normal output, but with no data. Meanwhile, my rules block, pass and
log a lot of packets, as confirmed by monitoring with 'pftop' or 'sudo
tcpdump -e -ttt -i pflog0'. During the execution, I got the following
messages:
-bash-3.1# ./fwanalog.sh
tcpdump: WARNING: snaplen raised from 96 to 116
tcpdump: WARNING: snaplen raised from 96 to 116
and today.html contains:
(...)
<span class="gensumtitle">Blocked packets:</span> 0
(...)
Does fwanalog not support OpenBSD 4.0, or will it in the future? In case it will not, can you give some advice on another similar report tool?
Thanx
-- Patrick
Received on Fri Nov 10 14:04:50 2006