
Author: Gerhard Khüny


Loggrep greps kernel logfiles for ipchains or iptables packet log entries and can filter them against given fields (date, IP, port, ...). It also features a quasi-detection of portscans, a line count and HTML output.


IPCHAINS: Set the logfile type to ipchains.

        ./configure --with-ipchains
        make install

IPTABLES: Set the logfile type to iptables.

        ./configure --with-iptables="IPTABLES LOGPREFIX"
        make install

        Replace IPTABLES LOGPREFIX with the log prefix you specified in your iptables rules.
        To identify a log line generated by iptables, the line must contain a log prefix, e.g.

            iptables -A my_drop -p TCP  -j LOG --log-prefix "DROP-TCP:  "
            iptables -A my_drop -p UDP  -j LOG --log-prefix "DROP-UDP:  "

        To scan both TCP and UDP use LOGPREFIX="DROP-".
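
How a shared log prefix selects the iptables lines, and how a simple portscan heuristic can sit on top of the parsed fields, shown as an added Python example that is not Loggrep's own code. The log lines are constructed, and the function names and the distinct-port threshold are assumptions rather than Loggrep's algorithm.

```python
import re
from collections import defaultdict

# Constructed sample of kernel log lines (not taken from a real host).
SAMPLE_LOG = """\
Jan 12 03:14:07 fw kernel: DROP-TCP:  IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40000 DPT=22 SYN
Jan 12 03:14:07 fw kernel: DROP-TCP:  IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40001 DPT=23 SYN
Jan 12 03:14:08 fw kernel: DROP-TCP:  IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40002 DPT=80 SYN
Jan 12 03:14:09 fw kernel: DROP-UDP:  IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=78 PROTO=UDP SPT=137 DPT=137
Jan 12 03:14:10 fw kernel: eth0: link up
Jan 12 03:14:11 fw kernel: ACCEPT-TCP:  IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=5000 DPT=443 SYN
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs written by the LOG target


def parse(log_text, prefix):
    """Yield one dict per line that contains the given iptables log prefix."""
    for line in log_text.splitlines():
        head, found, rest = line.partition(prefix)
        if not found:
            continue  # not written by one of our LOG rules
        entry = dict(FIELD.findall(rest))
        entry["DATE"] = " ".join(head.split()[:3])  # syslog "Mon DD HH:MM:SS"
        yield entry


def select(entries, **want):
    """Keep entries whose fields equal every given value, e.g. PROTO="TCP"."""
    return [e for e in entries if all(e.get(k) == v for k, v in want.items())]


def scan_suspects(entries, min_ports=3):
    """Map each source that hit at least min_ports distinct ports to those ports."""
    ports = defaultdict(set)
    for e in entries:
        if "SRC" in e and "DPT" in e:  # ICMP entries carry no DPT
            ports[e["SRC"]].add(e["DPT"])
    return {s: sorted(p, key=int) for s, p in ports.items() if len(p) >= min_ports}


if __name__ == "__main__":
    dropped = list(parse(SAMPLE_LOG, "DROP-"))  # shared prefix: TCP and UDP
    print(len(dropped), "dropped packets")
    print(select(dropped, PROTO="UDP"))
    print(scan_suspects(dropped))
```

Because the prefix is matched as a substring, a distinctive value such as "DROP-" keeps unrelated kernel messages out of the result.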

XML: Set the logfile type to any kind of logfile that contains lines.

        ./configure --with-xml

You can define logfile formats with XML. The XML file will be installed in the share directory. The file logfile.xml shows a definition for iptables. You can modify the XML file to adjust it to your requirements, but you have to follow the DTD (logfile.dtd).
