I am having some troubles getting fwanalog working correctly. I am using
fwanalog built from ports and using pf as my firewall. Log files are saved
to /var/log/pflog*.
The appropriate sections from my fwanalog.opts is as follows:
outdir="/usr/local/www/data/fwanalog"
logformat="freebsd"
inputfiles_mask="pflog*" # The name of your logfiles, with a
wildcard if you want
inputfiles_dir="/var/log" # The directory where your logfiles are in,
inputfiles=`find $inputfiles_dir -maxdepth 1 -name "$inputfiles_mask"
-mtime -$inputfiles_mtime | sort -r`
now the inputfiles line works fine and correctly lists all the log files. The only problem is when I run fwanalog it creates the html files - doesn't list any logs as being corrupt but there is nothing there.
Here is an excert of my /var/log/pflog using 'tcpdump -r /var/log/pflog':
12:19:49.791123 IP c-24-13-60-177.hsd1.il.comcast.net.1556 >
tabmow.tabby.com.au.46734: S 340809907:340809907(0) win 64240 <mss
1460,nop,nop,sackOK>
12:19:49.898468 IP 10.14.0.1 > 239.255.255.250: igmp query v2 [max resp
time 10] [gaddr 239.255.255.250]
12:19:50.495068 IP c-24-13-60-177.hsd1.il.comcast.net.1556 >
tabmow.tabby.com.au.46734: S 340809907:340809907(0) win 64240 <mss
1460,nop,nop,sackOK>
Could anyone advise on how to debug/solve this issue?
Thanks in advance,
Terry Received on Tue Feb 06 02:23:40 2007
This archive was generated by hypermail 2.1.8 : Mon Mar 19 2007 - 16:22:03 CET