Displaying page
of
pages;
Items to
|
Title |
Test
Details
IP Tables
|
|
Expression |
^(?<Date>.+\s\d+\s\d+\:\d+\:\d+).+\:.+\:(?<Traffic>.+)\:(?<Rule>.+)\:IN\=(?<InboundInterface>.+)\sOUT\=(?<OutboundIntercace>.*?)\s(?:MAC\=(?<MacAddress>.+)\s|)SRC\=(?<Source>.+)\sDST\=(?<Destination>.+)\sLEN\=.+TOS\=.+PROTO\=(?<Protocol>.+)\sSPT\=(?<SourcePort>.+)\sDPT\=(?<DestinationPort>.+)\s.+$
|
|
Description |
The goal of my regular expression is to allow me to break apart IP Table log files so that I can build a basic web front-end to allow me to view the traffic on the network. The MAC address is optional, because the way that this firewall works, is by providing the MAC address when the outbound address is not available.
|
|
Matches |
Jul 20 13:05:08 123.123.123.123 kernel: Shorewall:loc2net:REJECT:IN=eth0 OUT=eth1 SRC=444.333.222.111 DST=111.222.333.444 LEN=59 TOS=0x00 PREC=0x00 TTL=127 ID=12267 PROTO=UDP SPT=2121 DPT=53 LEN=39
|
|
Non-Matches |
Anything Else
|
|
Author |
Rating:
Sean McIlvenna
|
Displaying page
of
pages;
Items to
