[Dshield] DShield.py 1.0!

Eelco Lempsink eelco at 33lc0.net
Thu Nov 29 22:37:13 GMT 2001


DShield.py (a Python script that parses iptables logs to the DShield
format (which will save DShield some load)) is stable enough for a
1.0 release. I moved almost everything around and put it in nice
functions. It's now easier to add support for different log formats.
(I'm thinking of ipchains as the next format to be added.)

- Parsing Linux iptables log (doh)
- Counting and TCP flags
- Read options from (a) configfile(s) and command line
- Sending a copy of the report to yourself
- Output some info about what it's doing
- IP obfuscation
- 'Autodetection' of year and timezone
- Easy to set up as a cronjob (hm... not really a feature :)

I've .tar.gz'ed the script together with an example config file,
some instructions/manual (README) and a changelog.

You can download it directly from:

Or go through the SourceForge page:

Eelco Lempsink  -  eelco @ 33lc0.net  -  (www|wideview)?.33lc0.net
Intelligence is the ability to avoid doing work, yet getting the work done
	--Linus Torvalds
