Paul Taylor wrote:
> What the matter? Don't like my Firewall States table? :)
Very handy indeed. That is a huge benefit to me and I am sure many
others. It just doesn't give you an idea about what is actually
traversing that connection or how much is traversing it.
> Yes, I agree that this is a problem where the solution isn't obvious without
> a sniffer, but the states table can give you good leads... He might have not
> known there was a problem without it.
Yea... but I want a sniffer ;) Seriously though... I am sure we both
agree that if one was available it would be used a lot when diagnosing
> The states table uses a program that was already in the Monowall image, so
> it mostly took the PHP code to call it, parse the result, allow sorting, and
> perform the deltas on packets and bytes.
> If you can find a command-line based sniffer application that is in the
> 50-100K range (including all supporting files), Manuel might let it slip
> into production, if someone can make a decent interface for it. Heck, I
> might even give it a shot.
It looks like the images and module install scripts at
http://www.xs4all.nl/~fredmol/m0n0/ to add tcpdump and ssh were updated
to the 1.2 version so I can just use that. The older scripts that were
on that site for 1.1 didnt work with 1.2. It seems to add just over 1
meg to the size btw.
I will drop the issue of tcpdump now. Everyone knows that I think it
would be useful and we have slightly gone off topic. Thanks for the
firewall state table.