Hi there,

A little toy I been playing with:

# junkview -v last=12 -v hits=3 /var/log/messages
junkview start: Jan 22 09:52:53

25/tcp 3 |(((((( . . . . 5.7
143/tcp 3 |(((((( . . . . 5.7
1025/udp 3 |(((((( . . . . 5.7
1032/udp 4 |(((((((( . . . . 7.5
1033/udp 2 |(((( . . . . 3.8
4081/udp 2 |(((( . . . . 3.8
4257/udp 2 |(((( . . . . 3.8
4321/udp 1 |(( . . . . 1.9
4329/udp 1 |(( . . . . 1.9
4476/tcp 1 |(( . . . . 1.9
4899/tcp 12 |((((((((((((((((((((((( . . 22.6
8080/tcp 6 |((((((((((( . . . 11.3
11039/tcp 1 |(( . . . . 1.9
15118/tcp 3 |(((((( . . . . 5.7
24480/tcp 2 |(((( . . . . 3.8
40784/tcp 1 |(( . . . . 1.9
others 6 |((((((((((( . . . 11.3
total 53 +---------+---------+---------+---------+-----
0 10% 20% 30% 40%

Chart period is from Jan 22 10:08:13 (+1100) to Jan 22 21:52:01 on deltree.
Reviewed 151 records, processed 109 to find 53 tagged 'InpDrop:'.

Offenders:
by hits by address
---------------------- ----------------------
6 61.217.110.79 3 24.200.171.79
5 221.5.251.195 3 60.240.211.2
3 66.190.81.204 3 61.122.53.152
3 61.122.53.152 6 61.217.110.79
3 60.240.211.2 3 66.190.81.204
3 24.200.171.79 3 218.71.215.246
3 220.239.4.164 3 220.127.113.134
3 220.127.113.134 3 220.239.4.164
3 218.71.215.246 5 221.5.251.195
---------------------- ----------------------

Any use? What other info from logs should be displayed?

Thanks,
Grant.
--
I'm always right. This time I'm just even more right than usual.

Linus
--seen on lkml