Helpfile for the sf firewall utilization

(press the back button of your browser to go back to the count)
sf Auswertung HILFE

Help for the detail count regarding destination IP

This count includes the records of the logfiles. There are only the records according to your preselection shown. With the filter function, you can exactly define which records you like to see. It is also possible to change the actual preselection there.

General functions:

Clicking on the back icon gets you back to the main page. There you can choose a new utilization.
Clicking on the filter icon allows you to define a filter for the actual count. This is helpfull, if you wish to see only part of all records.
Clicking on the help icon shows this helpfile !

Sort function:

In the upper yellow bar, you can control the order of the records. By clicking on the appropriate term you can sort the records accordingly. The actual sort is written in bold letters. By clicking on a bold term, you can sort the records in inverse order.

definition of used terms:

date of request

This is the date appearing in the logfile of the firewall for the shown request. NOTE: In the logfile the date is stored without the year. So you have to define the year during the import of the logfiles.

firewall rule

This is the number of the firewall rule used to allow or deny the routing of a request.
NOTE: the rule number is changing whenever a change on the firewall configuration is made. So if you make a count on several logfiles, make sure, that the configuration file of the firewall hasn't changed. Otherwise it doesn't make sense to use this utilization!

action of firewall

This field tells you whether the request has passed the firewall (accept), or whether the request was stopped by the firewall (deny).

protocol type

This term tells you which protocol type was requested.

source IP

These are the IP numbers of requesting hosts. In other words it is the source of a request. It doesn't tell you whether the requesting IP is behind the firewall or not.

source name

These are the hostnames of requesting hosts. In other words it is the source of a request. It doesn't tell you whether the requesting host is behind the firewall or not.

source port

This is the port used by the requesting host for this request.

destination IP

These are the IP numbers of requested hosts. In other words it is the destination of a request. It doesn't tell you whether the requested IP is behind the firewall or not.

destination name

These are the host names of requested hosts. In other words it is the destination of a request. It doesn't tell you whether the requested host is behind the firewall or not.

destination port

This term tells you which service was requested. It doesn't tell you whether the service was requested by someone behind the firewall or not.

sf Auswertung v0.1 BT