Re: [Wallfire-users] cisco_pix
Brought to you by:
eychenne
Menu
▾
▴
Re: [Wallfire-users] cisco_pix
|
From: Herve E. <rv...@wa...> - 2003-02-21 15:55:06
|
On Fri, Feb 21, 2003 at 08:37:23AM -0500, Tim Sailer wrote: > Thanks to Herve, I actually started getting some output from this > thing. Now, just a few comments, for the Pix, I can't tell if the > line I'm looking at was allowed or denied, and the order is all > scrambled, timewise. Should I sort the output somehow to get that? By default, output is summarized (that's why it appears scrambled), and not sorted. I just added a comment in the manpage to make things clearer. I wonder if we should not sort by default. What do you guys think? $ wflogs --sort=help Available sort keys: branchname chainlabel [...] Default sort key: -count,time,dipaddr,protocol,dport So, you can use the sort criterias you want. > How do I tell if the processed line was denied? Oh, yes. This information (for the cisco pix) is detailled in branchname. So you have to enable the branchname display, through to "branch" output module option. So, use : $ wflogs -i cisco_pix --branch=yes yourfile # text output module is assumed or $ wflogs -i cisco_pix -o html --branch yourfile # =yes is assumed Maybe we should enable this options by default, don't you think? Herve -- _ (°= Hervé Eychenne //) v_/_ WallFire project: http://www.wallfire.org/ |
