2.8.4. Firewall Logs Page

This page shows data packets that have been blocked by the IPCop firewall.

Note

Not all denied packets are hostile attempts by crackers to gain access to your machine. Blocked packets commonly occur for a number of harmless reasons and many can be safely ignored. Among these may be attempted connections to the "ident/auth" port (113), which are blocked by default in IPCop.

The controls on this page are the basic Month, Day, << (Day before), >> (Day after), Update and Export buttons that are described in detail at the beginning of this Section.

The Log: section of this page contains an entry for each of the packets that were "dropped" by the firewall. Included is the time of the event, the Source and Destination IP addresses and ports for the dropped packet, the protocol used for that packet, and the IPCop Chain and Interface involved.

You can obtain information about the listed IP addresses by clicking on an IP Address. IPCop performs a DNS lookup and reports any available information about its registration and ownership.

Figure 2.80. Firewall Log Output

Firewall Log