[Wallfire-users] [ANNOUNCE] Release of wflogs-0.9.5
From: Herve E. <rv...@wa...> - 2003-04-07 10:31:55
Hi!
Here's the new version, wflogs-0.9.5, the firewall log analyser of
the WallFire project.
Its main evolution is the introduction of real-time and interactive
modes (-R and -I options), which can be combined for advanced
real-time monitoring (à la 'tail -f').
Changes from 0.9.4:
* New realtime mode ('-R' option).
* New interactive mode ('-I' option).
* Added a new configure option, --with-default-logfile, which allows specifying
the built-in default logfile.
* Added display of the ECE and CWR TCP flags.
Bugfixes from 0.9.4:
* Fixed a bug which prevented the snort input module from working properly (the snort
module does not set any input or output interface fields).
* Fixed the pix input module, which now works properly with every pix version
format.
Download:
http://www.wallfire.org/download/wflogs-0.9.5.tar.gz
http://www.wallfire.org/download/wflogs-0.9.5.tar.bz2
http://www.wallfire.org/download/debian/wflogs_0.9.5-1_i386.deb
Debian binary packages are made for woody, but should also work on sid.
Remember that you need the latest version of wfnetobjs in order
to compile wfconvert and wflogs. Read INSTALL instructions in both
source trees.
wfnetobjs is available at:
http://www.wallfire.org/wfnetobjs/
Both source trees must be untarred from the same directory, and
you'll have to rename wfnetobjs-version to wfnetobjs, or create a
symbolic link.
You may also consider using wflogs with libadns (an asynchronous DNS
resolution library), which speeds things up greatly on large log files.
You can find it at:
http://www.chiark.greenend.org.uk/~ian/adns/
homepage:
http://www.wallfire.org//
General information about the WallFire project can be found at:
http://www.wallfire.org/
Happy firewalling,
Herve
--
_
(°= Hervé Eychenne
//)
v_/_ WallFire project: http://www.wallfire.org/