23rd March 2012, 11:30
Ovidiu

One step ahead right now, managed a little bit of summarization but not quite there. Have a look. Why wouldn't the first two and the second two lines be combined?


Quote:
fwlogwatch summary

Generated Friday March 23 11:27:55 CET 2012 by root.
2286 (and 196 older than 86400 seconds) of 42358 entries in 2 input files are packet logs, 2272 have unique characteristics.
First packet log entry: Mar 22 11:31:00, last: Mar 23 09:06:46.

All entries were logged by the same host: "h1870666".
All entries have the same target: "-".
Only the top 50 entries are shown.
# chain interface source hostname destination hostname
3 [122722.930349] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
3 [136088.195078] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
3 [152954.629189] ** IN_TCP DROP ** eth0 58.218.199.227 - 85.214.229.212 h1870666.stratoserver.net
2 [90808.046695] ** IN_TCP DROP ** eth0 58.218.199.227 - 85.214.229.212 h1870666.stratoserver.net
2 [93661.021160] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
2 [100365.631003] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
2 [101198.482939] ** IN_TCP DROP ** eth0 58.218.199.227 - 85.214.229.212 h1870666.stratoserver.net
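An added example, not part of the original post and not fwlogwatch's own code: in the quoted summary, rows for the same source differ only in the bracketed number at the start of the chain column, so this Python script re-aggregates them with that number removed. It assumes the bracketed value is a kernel timestamp prefix that ended up in the chain field; `regroup` and `ROW_RE` are names made up for this example.

```python
import re
from collections import Counter

# Rows copied from the fwlogwatch summary quoted in the post.
SUMMARY_ROWS = """\
3 [122722.930349] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
3 [136088.195078] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
3 [152954.629189] ** IN_TCP DROP ** eth0 58.218.199.227 - 85.214.229.212 h1870666.stratoserver.net
2 [90808.046695] ** IN_TCP DROP ** eth0 58.218.199.227 - 85.214.229.212 h1870666.stratoserver.net
2 [93661.021160] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
2 [100365.631003] ** IN_TCP DROP ** eth0 221.192.199.49 - 85.214.229.212 h1870666.stratoserver.net
2 [101198.482939] ** IN_TCP DROP ** eth0 58.218.199.227 - 85.214.229.212 h1870666.stratoserver.net
"""

# Assumption: "[seconds.micros]" is a per-packet kernel timestamp, not part of the chain name.
ROW_RE = re.compile(
    r"^(?P<count>\d+)\s+"
    r"(?:\[\s*\d+\.\d+\]\s+)?"          # optional timestamp prefix, dropped
    r"(?P<chain>.+?)\s+"                 # remaining chain / log-prefix text
    r"(?P<iface>\S+)\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<src_host>\S+)\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<dst_host>\S+)\s*$"
)

def regroup(text):
    """Sum the per-row counts by (chain, interface, source, destination).

    Returns (totals, skipped): a Counter keyed by the normalized tuple and
    the list of non-empty lines that did not parse as summary rows.
    """
    totals, skipped = Counter(), []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = ROW_RE.match(line)
        if m is None:
            skipped.append(line)        # keep unparsed lines visible, never drop silently
            continue
        key = (m["chain"], m["iface"], m["src"], m["dst"])
        totals[key] += int(m["count"])
    return totals, skipped

if __name__ == "__main__":
    totals, skipped = regroup(SUMMARY_ROWS)
    for (chain, iface, src, dst), n in totals.most_common():
        print(n, chain, iface, src, dst)
```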