Linux Firewall Log Analyser

Analyse Linux netfilter/iptables/nftables kernel logs. Supports syslog format (Mar 19 00:01:16 hostname kernel: ...) and kernel ring buffer format. DNS resolution via DNS-over-HTTPS updates automatically.

Total Events

DROP

FWD

Unique Sources

Interfaces

DROP FWD IN OUT

Top Source IPs

Source IP/Hostname	Events	DROP	Unique Ports

Top Destination Ports

Port	Events	DROP	SYN

Event Timeline

Top 10 Source IPs

Top 10 Destination Ports

Input Interfaces (IN=)

Output Interfaces (OUT=)

TTL Distribution

TCP Window Size Distribution

Network Interfaces

Input Interfaces (IN)

Interface	Events	DROP	Sources

Output Interfaces (OUT)

Interface	Events	DROP	Dests

MAC Addresses (Ethernet Headers)

Source MAC	Dest MAC	Eth Type	Events	Interface

TTL Analysis

TTL Value	Events	DROP	Unique Sources

TCP Window Sizes

Window Size	Events	DROP	Unique Sources