[wallfire-users] Help about how the wflogs reads the logs
From: V. B. <vin...@ba...> - 2008-11-06 21:08:38
Hi,

I am using wflogs with the logs generated by iptables and I have a doubt. I used wflogs filtering by protocol (TCP and UDP) and generated an XML file. Then I wrote a script to read this XML. But comparing the results I got with this script against the results I got using a script that reads the iptables log directly, I saw they are different.

So I think that for TCP, wflogs only considers the packets with the SYN flag set, which represent an attempt to start a connection. Am I wrong?

For UDP I have different results too, using the XML and reading the iptables log directly. But the UDP protocol does not have control mechanisms. What does wflogs do about UDP?

Thank you for the answers.

--
Vinícius Batistela