20 Oct 2002 09:45
In /var/log/messages I see messages like

Oct 20 11:00:43 firewall kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=61.0.114.198 DST=62.46.154.154 LEN=78 TOS=0x00 PREC=0x00 TTL=101 ID=3969 PROTO=UDP SPT=62302 DPT=137 LEN=58

I would like to see some whois data of the source IP in clear text, and the destination port in clear text too. (Of course I know that 137 is the netbios-port.)

Is there an analyzing tool for these messages? Maybe like webalizer?

Where can I define the log-file in FW2? I would like to have my own fw-logfile to have a better overview of the other messages.

Albert
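Added example, not part of the original post and not a SuSEfirewall2 tool: a small Python parser for the log format quoted above that splits each `SuSE-FW-*` kernel line into its fields, counts dropped packets per source and destination port, and prints the port with its service name from the local services database. The function names and every sample line after the first are constructed for the illustration; whois lookups need network access and are left out.

```python
import re
import socket
from collections import Counter

# Constructed sample input: the first line is the one quoted in the post,
# the others are made up for this example (192.0.2.7 is a documentation address).
SAMPLE_LOG = """\
Oct 20 11:00:43 firewall kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=61.0.114.198 DST=62.46.154.154 LEN=78 TOS=0x00 PREC=0x00 TTL=101 ID=3969 PROTO=UDP SPT=62302 DPT=137 LEN=58
Oct 20 11:02:10 firewall kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=192.0.2.7 DST=62.46.154.154 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=511 PROTO=TCP SPT=4021 DPT=445 WINDOW=8192 SYN
Oct 20 11:02:11 firewall sshd[411]: unrelated message that must be skipped
Oct 20 11:05:43 firewall kernel: SuSE-FW-DROP-DEFAULT IN=ippp0 OUT= MAC= SRC=61.0.114.198 DST=62.46.154.154 LEN=78 TOS=0x00 PREC=0x00 TTL=101 ID=3970 PROTO=UDP SPT=62302 DPT=137 LEN=58
"""

HEADER = re.compile(r"^(\w{3}\s+\d+ [\d:]+) (\S+) kernel: (SuSE-FW-\S+) (.*)$")
FIELD = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return a dict for one SuSE-FW kernel line, or None for any other line."""
    m = HEADER.match(line)
    if not m:
        return None
    rec = {"time": m.group(1), "host": m.group(2), "rule": m.group(3)}
    for key, value in FIELD.findall(m.group(4)):
        rec.setdefault(key, value)  # LEN occurs twice: keep the first (IP) length
    return rec

def service_name(port, proto):
    """Look the port up in the local services database; fall back to the number."""
    try:
        return socket.getservbyport(int(port), proto.lower())
    except (OSError, ValueError, OverflowError):
        return str(port)

def summarize(text):
    """Count firewall log entries per (source IP, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and "DPT" in rec:  # ICMP entries carry no DPT field
            counts[(rec["SRC"], rec["PROTO"], rec["DPT"])] += 1
    return counts

if __name__ == "__main__":
    for (src, proto, dpt), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:4d}  {src:15s}  {proto}/{dpt} ({service_name(dpt, proto)})")
```

Run it against the real log by passing the contents of /var/log/messages to `summarize()` instead of `SAMPLE_LOG`.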