May 26, 2018

Summarise ipfw logs by counting and sorting the fields

ipfwcount reads ipfw8 logs and extracts the following fields

rule action proto type shost sport dhost dport dir iface

You can then print lists like ‘top blocked ports', 'top blocked hosts', or 'incoming connections sorted by interface and protocol'.

For more sophisticated lists, you can filter the entries using Perl expressions.

