May 26, 2018

Summarise ipf logs by counting and sorting the fields

ipfcount reads ipf8 logs and extracts the following fields

iface group rule action shost sport dhost dport proto flags type dir

You can then print lists like ‘top blocked ports', 'top blocked hosts', or 'incoming connections sorted by interface and protocol'.

For more sophisticated lists, you can filter the entries using Perl expressions.

