Install "prelude" to produce very wonderful and easily understandable reports (even for management) in html. I swear by it as it has made my life so much easier.... cheers Kat On Tue, 2002-10-01 at 17:27, Ben Rosenberg wrote:
Can someone recommend a document that will give me a heads up on how to read the output of iptables that's not 4 inches thick? ;)
Example:
Oct 1 14:21:32 zeus kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT= MAC=00:10:4b:10:69:c1:00:20:6f:13:82:d2:08:00 SRC=61.195.156.12 DST=64.0.161.154 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=10094 DF PROTO=TCP SPT=1332 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03E4463C0000000001030300)·
I found the output from ipchains much easier to read. It was more "this is the ip of the attacker..this is the port their coming from and this is the port their trying to gain access to.." but iptables seems different to me.