Firewall log analyzer
fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS and
Cisco PIX log summary reports in text and HTML form and has a lot of
options to find and display relevant patterns in connection attempts. With
the data found it can also generate customizable incident reports from a
template and send them to abuse contacts at offending sites or CERT
coordination centers. Finally, it can also run as a daemon and report
anomalies or start countermeasures.
fwlogwatch for Debian
By default fwlogwatch won't run as a daemon.
By default no cron jobs will run either.
Most of fwlogwatch's behaviour on Debian systems can be configured via Debconf.
Run 'dpkg-reconfigure fwlogwatch' if you want to change anything.
-- Alberto Gonzalez Iniesta <firstname.lastname@example.org>, Sun, 11 Nov 2001 11:25:14 +0100
$Id: README 710 2010-10-10 11:28:41Z bw $
fwlogwatch is a security tool written in C by Boris Wesslowski originally for
RUS-CERT. It is a packet filter/firewall/IDS log analyzer with support for a
lot of log formats and has many analysis options. It also features realtime
response capabilities and an interactive web interface.
It is available at http://fwlogwatch.inside-security.de/
fwlogwatch - a firewall log analyzer and realtime response
fwlogwatch [options] [input_files]
fwlogwatch produces Linux ipchains, Linux netfilter/iptables,
Solaris/BSD/Irix/HP-UX ipfilter, ipfw, Cisco IOS, Cisco
PIX/ASA, NetScreen, Elsa Lancom
fwlogwatch (1.2-2) unstable; urgency=low
* The 'YAST' release. Yet another sexy translations.
$Id: ChangeLog 710 2010-10-10 11:28:41Z bw $
Version 1.2 2010-10-10
- Extended netfilter and Cisco
$Id: AUTHORS 683 2009-02-13 18:38:25Z bw $
Boris Wesslowski <email@example.com>
This package was debianized by Alberto Gonzalez Iniesta <firstname.lastname@example.org> on
Wed, 27 Jun 2001 13:13:26 +0
Browse inside fwlogwatch_1.2-2_armel.deb