Date: Fri, 1 Mar 2002 11:14:16 +0100
From: Lukasz Wojtow
Cc: lists@gielstrup.dk, freebsd-security@freebsd.org
Subject: Re: resolve ipaddr and ports in logs

> > Is it possible to have the IP addresses and ports resolved on the rules
> > that are logged?
> Write a script which takes the log file, performs the DNS lookups,
> looks in /etc/services and writes the resolved addresses and ports to the
> output.

fwlogwatch does such a thing, nice tool.

best regards (from Poland this time ;)
Lukasz

--
"... until, in one brief moment, you grasp what you live for ..."
Perfect "Kolysanka dla nieznajomej"
Lukasz Wojtow
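The script suggested in the quoted reply could look like the following; this is an added example, not code from the thread or from fwlogwatch. The ipfw-style log format, the sample data and all function names are assumptions. PTR names are set by whoever controls the address block, so the code validates them and keeps the numeric address beside the name.

```python
import re
import socket
from functools import lru_cache

# Constructed sample in /etc/services format (not a real system file).
SAMPLE_SERVICES = "ssh  22/tcp  # Secure Shell\ndomain  53/udp\nhttp  80/tcp  www\n"
# Constructed line in an assumed ipfw-style format; the thread names no format.
SAMPLE_LOG = "Mar  1 10:10:39 gw /kernel: ipfw: 100 Deny TCP 192.0.2.7:4312 198.51.100.5:22 in via fxp0"

ENDPOINT = re.compile(r"\b(TCP|UDP) (\d+\.\d+\.\d+\.\d+):(\d+) (\d+\.\d+\.\d+\.\d+):(\d+)")
SAFE_NAME = re.compile(r"[A-Za-z0-9.-]{1,253}")  # PTR data is untrusted input

def parse_services(text):
    """Map (port, proto) -> first service name found in /etc/services-format text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and "/" in fields[1]:
            port, proto = fields[1].split("/", 1)
            if port.isdecimal():
                table.setdefault((int(port), proto.lower()), fields[0])
    return table

@lru_cache(maxsize=4096)  # one PTR query per distinct address
def reverse_dns(ip):
    """Return the PTR name, or None if lookup fails or the name looks unsafe."""
    try:
        name = socket.gethostbyaddr(ip)[0]
    except OSError:
        return None
    return name if SAFE_NAME.fullmatch(name) else None

def resolve_line(line, services, lookup=reverse_dns):
    """Annotate both endpoints; numeric values stay next to the resolved names."""
    def annotate(proto, ip, port):
        host = lookup(ip)
        svc = services.get((int(port), proto.lower()))
        return f"{host + '[' + ip + ']' if host else ip}:{svc + '(' + port + ')' if svc else port}"
    def repl(m):
        proto, sip, sport, dip, dport = m.groups()
        return f"{proto} {annotate(proto, sip, sport)} {annotate(proto, dip, dport)}"
    return ENDPOINT.sub(repl, line)

if __name__ == "__main__":  # filter: log on stdin, annotated log on stdout
    import sys
    with open("/etc/services") as fh:
        table = parse_services(fh.read())
    for raw in sys.stdin:
        print(resolve_line(raw.rstrip("\n"), table))
```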