Webfwlog Firewall Log Analyzer


SourceForge.net Logo

Home Page
Security
Downloads
Development
Subversion Repository
Bugzilla
Author!

Web-Based Firewall Log Analysis and Reporting

WELCOME

Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP®. Supported log file formats are netfilter, ipfilter, ipfw, ipchains and Windows XP®. Webfwlog also supports logs saved in a database using the ULOG or NFLOG targets of the linux netfilter project, or any other database logs mapped with a view to the ulogd schema. Versions 1 and 2 of ulogd database schemas are supported.

Webfwlog fully supports IPv6 for database logs, and netfilter and ipfilter system logs.
Webfwlog includes lookup support for MaxMind's geoip data (version 2), with additional support for filtering and sorting for system logs and PostgreSQL database logs.

With Webfwlog you can design reports to use on your logged data in whatever configuration you desire. Included are example reports as a starting point. You can sort a report with a single click, "drill-down" on the reports all the way to the packet level, and save your report definitions for later use. You can also create a link directly to any saved report definition.

You can also try a demo.

NEWS 2023-11-16

Webfwlog-1.1.3 has been released and can be downloaded below. This release fixes compatibility with mysql >= 8.0 and php > 8.1, and also includes numerous improvements and bug fixes, see Changelog for details. All users are encouraged to update to this release. See the Change Log and Release Notes for details.

Enjoy!

PREREQUISITES

- A web server with PHP >= 5
      - PHP >= 7.2 required for geoip
- Log files in standard netfilter, ipfilter, ipfw, ipchains or Windows XP® format
      or database logs populated with the ULOG or NFLOG target of netfilter,
      or other database logs mapped with a view to ulogd version 1 or 2 schemas
- A MySQL, Mariadb, Percona or PostgreSQL database server:
      - MySQL - any production release
      - Mariadb - any production release
      - Percona - any production release
      - PostgreSQL >= 7.4
      - Full geoip support with PostgreSQL database logs requires:
            - PostgreSQL >= 9.1
            - ip4r extension >= version 2
      - Full geoip support with the syslog parser requires libmaxminddb
      - Berkeley db >= 4.1 is optional for performance with libmaxminddb.
- Your favorite web browser.

Windows XP® support provided via Cygwin.

DOWNLOADS

You can download source tarballs and rpms for webfwlog releases and rpms from Sourceforge or from the development site.

Additional downloads are available via anonymous ftp at ftp.webfwlog.net.

A FreeBSD package is available in the ports collection as security/webfwlog

TRANSLATIONS

Webfwlog is currently available only in English. If you are interested in translating webfwlog into your preferred language please contact me.

LICENSING

Webfwlog is licensed under the GNU GPL.

HELP

If you need help you can email the author.

BUGS

Please report bugs to Bugzilla.