[Q] IPtables, Port numbers.....
Felix Karpfen
felixk at webone.com.au
Sat Jun 8 11:00:30 EST 2002
Brett Worth wrote:
> On Fri, 7 Jun 2002, Donovan J. Edye wrote:
>
> > I have been looking at my firewall logs and was wondering what the best way
> > was to trace what had actually caused the entry.
>
> The tool I would use is lsof. e.g. lsof -i TCP to see who owns TCP
> listeners.
That is the tool for experts who know what they are doing.
Amateurs (like me) have to make do with fwlogwatch:
http://cert.uni-stuttgart.de/projects/fwlogwatch/
A sample output is attached (I am using IPchains; but it also works with
IPtables).
Felix Karpfen
--
Felix Karpfen
felixk at webone.com.au
Public Key 72FDF9DF (DH/DSA)
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the linux
mailing list