Search Results for "firewall log viewer"

Flexible web-based firewall log analyzer, supporting netfilter and ipfilter, ipfw, ipchains, cisco routers and Windows XP system logs, and mysql or postgresql database logs using the iptables ULOG or NFLOG target of netfilter others mapped to the ulogd format with a view. Fully supports IPv6 for database logs, and netfilter and ipfilter system file logs.

SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. ...

lua-resty-waf is a web application firewall implemented in Lua for OpenResty/NGINX, designed to run inline at the edge with low overhead. It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. ...

Log2table allows you to continuously monitor your logfiles. You can trigger actions when a specific message comes in your audited logfiles or when a specific number of occurences are present.

Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. Please see code and download from https://github.com/fail2ban/fail2ban . SF Fail2ban portal might not be up-to-date

This is extremely handy for Android Phones, as now most third-party Apps from mobile market is now close-sourced and it's hard to promise its security, but some of this functions may be tempting, so we have to install it and give it permissions what it want at installation stage, and then it may do something we don't like in the background, now with Lavender we can at least prevent from accessing network if we don't trust it. Both linux desktop and Android Phones are now...

redWall is a bootable CD-ROM Firewall with Snort, snortsam, dansguardian and support for fwbuilder, spamassassin, reporting (using ACID/sarg/ntop/webfwlog), VPN (FreeSWan/PoPToP/Openvpn) and mail alerting (by mail). Configs are stored on a Floppy or USB

A command line tool that allows you to (live) analyze netfilter (iptables) log files. It provides a nice output and has features like displaying hostnames, duplicate detection... More info (+ screenshots) can be found in the pdf inside the tarball.

These three tools build Checkpoint, Cisco ASA or Netscreen policys from logfiles. They write dbedit, access-list or set address, set service and set policy commands for the traffic seen in the logs, that can be cut and pasted into the firewalls. WOOT

This is the effort to make a simple small business server that provides basic infrastructure with spam and virus protection, service usage accounting and reporting, easy provisioning and password management, message board, addressbook and other.

PFL can either operate as a stand-alone firewall log parser or set up to run and configure ipfw. The major focus is parsing, compressing, and filtering *NIX (to include Mac OSX) firewall logs generated by IPFW for quick and easy admin review.

Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.

Running as a daemon it monitors /var/log/messages(configurable) for bastille iptables and PSAD scan alerts with a max threshold (configurable) It will block ip on iptables instantly and send abuse email out. Requires a few perl modules (tries to install)

mIBB - my Iptables Blacklist Builder - is a small script written to be used through the crontab, that looks into /var/log/auth.log for failed logins and builds bad boys blacklist.

Ptcap is a Unix daemon that captures traffic packet size, source, destination, and times and saves this data into a postgres (and now ODBC including mysql) database in near real time, from which traffic reports may be made.

fwgraph is an attempt to characterize and present network traffic including network devices, QoS, and iptables under Linux.

Schedule emailing of your Smoothwall logs. Schedule on a daily/weekly/monthly basis via cron jobs. Formatting options are text and html. csv formatting planned.

What are the packets rejected by your Netfilter based firewall today ? How often this suspicious host try to connect to your box ? What are the most rejected domains ? Who is this strange host which scan your ports ? The responses are in the iptables log

A daemon enabling the administrator to translate events (e.g. log events) into actions (e.g. firewall rules).

A Port Knocking C-based server & client. Stealth mode by closed ports, strong encryption (ARC4 & BlowFish), Daemon mode, compresed sequence, MD5 digest log check, user passwords and user privelege system, action triggers... GPL license.

Gardol monitors system log files to detect denial of service and other attacks and blocks attacking sites with Linux iptables. Attack detection rules may be programmed in Perl.

adcfw-log is a tool for analyzing firewall logs in order to extract meaningful information and generate different kinds of reports, such as fully formatted reports of what had been logged, with summaries by source or destination host, the type of service

readlog is a pair of scripts for reviewing iptables firewall logs via a handy web interface using a MySQL backend.

Netfilter tracker is a tracking tool for iptables logs, similar to Checkpoint(tm) Smartview Tracker. Includes storage in an embedded SQL database and a graphical application (viewer) to access filtered data.