[LogReport] firewall / iptables report (was: baker 20031028) (fwd)
Ray Finch
finchray at harbornet.com
Tue Oct 28 21:50:38 CET 2003
Hi, I'm using Lire to monitor a Debian Linux iptables firewall. I can tell
from /var/log/messages that plenty of packets are being denied. I've
attached the report below. My question is, why am I getting all the 'no
content in report' lines below when I know packets are being denied?
Sincerely,
Ray Finch
<finchray at harbornet.com>
---------- Forwarded message ----------
Report generated: 2003-10-28 10:00:07 PST
Reporting on period:
2003-10-27 07:49:02 PST - 2003-10-28 08:44:39 PST
Firewall Summary
----------------
Packet Summary
Packets_count .......................................... 2886
Packets_by_action
- 2886
Packets_by_protocol
udp 2718
tcp 168
From_host_total ........................................ 2303
Packets_by_from_host ................................... 1.25
To_host_total ............................................. 2
Packets_by_to_host .................................. 1443.00
Traffic's Volume Summary
Vol_count .............................................. 1.0M
Volume_by_action
- 1.0M
Volume_by_protocol
udp 1.0M
tcp 7.1k
Avg_volume_by_from_host ............................... 473.3
Avg_volume_by_to_host ................................ 532.2k
Messages Reports
----------------
No subreports were generated for this section.
Volume's Traffic Reports
------------------------
Applied filter in this section: permitted events
Volume by Rule
No content in report.
Bytes by 1d
No content in report.
Volume of Traffic by 1h Timeslot
00:00 ..................................................... 0
01:00 ..................................................... 0
02:00 ..................................................... 0
03:00 ..................................................... 0
04:00 ..................................................... 0
05:00 ..................................................... 0
06:00 ..................................................... 0
07:00 ..................................................... 0
08:00 ..................................................... 0
09:00 ..................................................... 0
10:00 ..................................................... 0
11:00 ..................................................... 0
12:00 ..................................................... 0
13:00 ..................................................... 0
14:00 ..................................................... 0
15:00 ..................................................... 0
16:00 ..................................................... 0
17:00 ..................................................... 0
18:00 ..................................................... 0
19:00 ..................................................... 0
20:00 ..................................................... 0
21:00 ..................................................... 0
22:00 ..................................................... 0
23:00 ..................................................... 0
Volume per sending IP, Top 10
No content in report.
Volume per destination IP, Top 10
No content in report.
Top Destinations (in Volume of Traffic) by Source IPs,
Top 15, Top 20 source IPs
No content in report.
Top Source IPs (in Volume of Traffic) by Destination, Top
15, Top 20 destinations
No content in report.
Volume per source IP, per source port, Top 15 IPs, Top 20
ports
No content in report.
Volume per destination IP, per port, Top 15, Top 20 ports
No content in report.
Denied Packets Reports
----------------------
Applied filter in this section: denied events
Packets by Rule
No content in report.
Packets by 1d
No content in report.
Packets by 1h Timeslot
00:00 ..................................................... 0
01:00 ..................................................... 0
02:00 ..................................................... 0
03:00 ..................................................... 0
04:00 ..................................................... 0
05:00 ..................................................... 0
06:00 ..................................................... 0
07:00 ..................................................... 0
08:00 ..................................................... 0
09:00 ..................................................... 0
10:00 ..................................................... 0
11:00 ..................................................... 0
12:00 ..................................................... 0
13:00 ..................................................... 0
14:00 ..................................................... 0
15:00 ..................................................... 0
16:00 ..................................................... 0
17:00 ..................................................... 0
18:00 ..................................................... 0
19:00 ..................................................... 0
20:00 ..................................................... 0
21:00 ..................................................... 0
22:00 ..................................................... 0
23:00 ..................................................... 0
Packets by Source IP, Top 10
No content in report.
Packets by Destination IP, Top 10
No content in report.
Top Destinations by Source IPs, Top 15, Top 20 source IPs
No content in report.
Top Source IPs by Destination, Top 15, Top 20
destinations
No content in report.
--
LogReport
http://www.LogReport.org/
mailto:logreport at logreport.org