Firewall Log Daemon

Firewall Log Daemon is a program written in C that watches for ipchains or iptables log alerts in real time. The program starts a small daemon process that parses and resolves firewall logs by reading a FIFO that syslog writes to. It can queue a batch of alerts and mail them to you, or it can be used in a script to crunch an existing log file or data stream. It features hostname, port, protocol, and ICMP type/code lookup, with output formatted by a user-defined template.

Recent releases

  •  02 Jan 2001 05:15

    Release Notes: All fields in the packet log are now captured and decoded, turning all hex values into their corresponding ASCII bit strings. The included "decode.php" and corresponding template provide a web-based log entry decoder. Various bugfixes.

  •  09 Dec 2000 20:31

    Release Notes: This release supports user-defined output templates to change output formatting, adds many interface improvements and bugfixes, includes an extended (>1024) port/service lookup function and an option to use a user-defined services file, uses runtime configuration options which can be overridden on the command line, and supports mixed logging environments (tables and chains together).

  •  30 Nov 2000 14:36

    Release Notes: Code for tables and chains was merged into one executable. The program now automatically matches whatever kind of log data is provided. Multiple string token parsing was replaced with a single-pass regex. Command line options were changed. Log data can now be read from STDIN by specifying "-" as the file from which to read. A flag for setting the mail buffer size was added. The Makefile was changed to include "easy" and "uninstall" targets. The easy target does everything for you.

  •  27 Nov 2000 01:22

    Release Notes: Initial Release. Comments and suggestions are welcome.

