Firewall Monitor (fwmon)

Description

This program lets you monitor ipchains/iptables output in real time. It can log to a file or stdout, to tcpdump-format capture logs, or both. It also supports security features such as running as non-root and chrooting itself. This program was previously known as "Firestorm Firewall Monitor"; however, it shares no common code with firestorm.

Contact

You can address any bug reports, patches, questions, etc. to Gianni Tedesco <gianni at scaramanga dot co dot uk>

Copyleft - All rights reversed

Firewall monitor is free software released under the GNU GPL version 2.
Firewall Monitor is Copyright © 2001-2002 Gianni Tedesco.

Platforms

Firewall monitor runs only under Linux because it takes advantage of Linux kernel-specific functionality.

Notes

To run this on Linux 2.4 you will need the NETLINK iptables target, which you can find in the latest version of iptables, which (as far as I know) most distributions aren't shipping yet. If you run a Red Hat based distro you can try my rpms.

Download

The latest version is 1.1.0
Version 1.1.0 Source code - Source RPM - 386 Linux RPM
Version 1.0.11 Source code - Source RPM - 386 Linux RPM - NOTE: this version fixes a permission problem with libpcap files
Version 1.0.10 Source code - Source RPM - 386 Linux RPM - NOTE: this version fixes a long standing crash bug.
Version 1.0.9 Source code - Source RPM - 386 Linux RPM
Version 1.0.8 Source code - Source RPM - 386 Linux RPM
Version 1.0.7 Source code - Source RPM - 386 Linux RPM - NOTE: This version has a remote DoS security flaw.
Version 1.0.6 Source code - Source RPM - 386 Linux RPM

Sample Output

02-07-01 13:17:48 [eth0] TCP 195.224.53.71:80 -> 192.168.254.3:20239 [AS] ttl=115 len=44
0000 : E..,.&@.s.n...5G 45 00 00 2C E1 26 40 00 73 06 6E D1 C3 E0 35 47
0010 : .....PO.1..,..._ C0 A8 FE 03 00 50 4F 0F 31 E7 F3 2C 1C 01 8A 5F
0020 : `."8.6.......... 60 12 22 38 A3 36 00 00 02 04 05 B4
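
The record above can be cross-checked against itself: the summary line should agree with the IPv4 and TCP headers in the hex dump. The following is an added example, not part of fwmon; the summary regex, the flag letters and the fixed dump columns are assumptions inferred from this one sample record.

```python
import re
import socket
import struct

# Record copied from the page's Sample Output section.
SAMPLE = """\
02-07-01 13:17:48 [eth0] TCP 195.224.53.71:80 -> 192.168.254.3:20239 [AS] ttl=115 len=44
0000 : E..,.&@.s.n...5G 45 00 00 2C E1 26 40 00 73 06 6E D1 C3 E0 35 47
0010 : .....PO.1..,..._ C0 A8 FE 03 00 50 4F 0F 31 E7 F3 2C 1C 01 8A 5F
0020 : `."8.6.......... 60 12 22 38 A3 36 00 00 02 04 05 B4
"""
# Assumed summary layout and flag letters, inferred from that one record.
SUMMARY = re.compile(
    r"TCP (?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"\[(?P<flags>[A-Z]*)\] ttl=(?P<ttl>\d+) len=(?P<len>\d+)")
FLAG_BITS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08, "A": 0x10, "U": 0x20}

def dump_bytes(lines):
    # Assumed fixed columns: 4-digit offset, " : ", 16 ASCII chars, then hex bytes.
    return bytes(int(tok, 16) for line in lines for tok in line[23:].split())

def header_checksum_ok(header):
    # The one's-complement sum over a valid IPv4 header folds to 0xFFFF.
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def check_record(text):
    """Return mismatches between the summary line and the dumped packet bytes."""
    summary, *dump = text.strip().splitlines()
    m, pkt = SUMMARY.search(summary), dump_bytes(dump)
    ihl = (pkt[0] & 0x0F) * 4 if pkt else 0
    if m is None or ihl < 20 or len(pkt) < ihl + 14:
        return ["record is not a parseable IPv4/TCP entry"]
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    decoded = {
        "src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
        "sport": str(sport), "dport": str(dport), "ttl": str(pkt[8]),
        "len": str(struct.unpack("!H", pkt[2:4])[0])}
    problems = [f"{k}: log={m[k]} packet={v}" for k, v in decoded.items() if m[k] != v]
    flags = "".join(sorted(c for c, bit in FLAG_BITS.items() if pkt[ihl + 13] & bit))
    if "".join(sorted(m["flags"])) != flags:
        problems.append(f"flags: log={m['flags']} packet={flags}")
    if pkt[9] != 6 or not header_checksum_ok(pkt[:ihl]):
        problems.append("bad protocol field or IPv4 header checksum")
    if decoded["len"] != str(len(pkt)):
        problems.append("dump length differs from IPv4 total length")
    return problems
```

An empty list from check_record(SAMPLE) means the logged addresses, ports, flags, TTL and length all match the captured bytes and the IPv4 header checksum verifies.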

Current Features

TODO


Copyright (c) Spanish Inquisition 1478-1834. All rights reversed.