NAME
fiaif-scan - print syslog entries in human readable form
SYNOPSIS
fiaif-scan [ -n ] [ -m ]
DESCRIPTION
fiaif-scan reads lines from STDIN and prints to STDOUT, in human readable
form, any packets found (standard syslog format is assumed). Each log message
is parsed based on the configuration files at the time fiaif-scan is run. The
idea is to enable the user to quickly identify which zone rule is causing the
packet to be logged, and how to change this, if necessary.
OPTIONS
- -n
- Don't do a reverse lookup of IP addresses or ports; display them as
numbers. This reduces the number of host lookups and speeds up scanning.
- -m
- Print the MAC address on each line.
EXAMPLE
- fiaif-scan -n </var/log/messages
- Scan from the current system log and display any packets on the console.
Don't look up names for IP addresses or ports; just show the
numbers.
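As an added illustration (not fiaif-scan's own code or output format), the shell functions below show the field extraction involved in turning a syslog line into a one-line packet summary, assuming the lines carry the kernel's netfilter LOG fields. The function names, the summary layout and the sample lines are constructed for this example; addresses and ports stay numeric, as with -n, and the optional `mac` argument plays the role of -m.

```shell
#!/bin/sh
# Added illustration only: not fiaif-scan's code or its output format.
# Constructed sample lines in the kernel's netfilter LOG layout (documentation IPs).
SAMPLE_TCP='Jan 12 03:14:07 gw kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4711 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=29200 SYN URGP=0'
SAMPLE_ICMP='Jan 12 03:14:09 gw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.4 DST=192.0.2.10 LEN=84 TTL=60 ID=0 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1'

# field KEY LINE: print the value of the first KEY=value token, or nothing.
field() (
    set -f                       # log text is untrusted: no glob expansion
    for tok in $2; do
        case $tok in
            "$1"=*) printf '%s' "${tok#*=}"; break ;;
        esac
    done
)

# summarize LINE [mac]: one-line summary; returns 1 for non-packet lines.
summarize() {
    case $1 in
        *" SRC="*" DST="*" PROTO="*) ;;
        *) return 1 ;;
    esac
    in_if=$(field IN "$1"); out_if=$(field OUT "$1")
    spt=$(field SPT "$1"); dpt=$(field DPT "$1")   # absent for ICMP
    out="in=${in_if:--} out=${out_if:--} $(field PROTO "$1")"
    out="$out $(field SRC "$1")${spt:+:$spt} -> $(field DST "$1")${dpt:+:$dpt}"
    if [ "${2:-}" = mac ]; then
        # MAC= holds 14 bytes: destination (1-6), source (7-12), EtherType (13-14)
        smac=$(field MAC "$1" | cut -d: -f7-12)
        out="$out src-mac=${smac:--}"
    fi
    printf '%s\n' "$out"
}

# scan [mac]: filter STDIN, e.g.  scan mac </var/log/messages
scan() {
    while IFS= read -r line; do
        summarize "$line" "${1:-}" || :
    done
}
```

The ICMP sample has no SPT/DPT and no MAC field, so the summary omits the ports and prints `-` for the missing MAC instead of failing.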
FILES
/etc/fiaif/fiaif.conf
AUTHOR
Anders Fugmann <anders(at)fugmann.net>
BUGS
The program has been tested only with messages from the standard syslog. It may
work on lines from ulogd, but this has not been tested.
Bash may not be the fastest parser in the world. Expect this software to be
slow (40 lines per second on a K6-II/300MHz without name lookups).
Please report other bugs to <fiaif@fiaif.net>.
SEE ALSO
fiaif.conf(5),
zone.conf(5),
iptables(8),
syslog(3)