______________________________________ Tiny Personal Firewall Log Analyzer version 1.2 beta 1 1/08/01 - First 1.2 release By Kephren : tinyfirewall@bigfoot.com And Apophis : Apophis@canada.com ______________________________________ Purpose This small tool is dedicated to improve TPF (Tiny Personal Firewall) logs analyze. It reads the TPF generated log and display it as you like, featuring : - Column sorting - Filtering (By column, by user define criteria) - Search - Networks tools (Hostnames/IP, trace route, ping) - Port/service/trojan explanation if PortList is installed - User friendly display (columns order, colors, zoom) - Statistics per protocol types - Export to Excel (XML soon) Installation - Unzip all executable files (and DLLs, OCX if needed) in any directory - Edit with notepad the configuration file : config.ini - line 2 : TPF logfile path (eg : C:\program files\tiny firewall\) - line 3 : PortList path if installed (else comment the line with #) - line 4 : JPG Wallpaper used behing the log window, feel free to customize it ! - Click on LogAnalyzer - Click Menu File/Open File and open your TPF log file (filter.log) Useful Hints 1. In the Zoom panel, click on the port number to find the corresponding service 2. To re-order the colums in the Log view, drag and drop the column header 3. To sort (Alphabetical and reverse order) a column, click on the colum header 4. To zoom on a log entry, double click on it 5. To refresh the log, disable the current filter or reset the initial columns positions/widths, simply click on the refresh menu or on the refresh button 6. To filter the logs, choose the Filter option of the Options menu or click on the filter button (top-right) 7. To search the next correponding item, click one more time on the Go button 8. To remove a column, just resize it at the minimum width or use the filter panel 9. To convert an IP address into hostname in the Zoom view, check Host Name Troubleshooting 1. Some Dlls or OCX are missing ??? You need VB runtime ! -> Download all these components on the TPF LogAnalyzer website : http://www.bigfoot/~tinyfirewall 2. Error when loading config file or logfile ? -> Check config.ini (check paths) 3. Error when looking for port description ? -> Check config.ini (check PortList path, is it truly installed ?) 4. Else ??? Write me at tinyfirewall@bigfoot.com ! Version history v1.2b1 - 1/08/01 : - New display component, can manage big log files (> 2Mb) - Minor bugs - Excel export function v1.1b6 - 31/07/01 : - File Dialog - Minor bugs v1.1b5 - 14/02/01 : - Statistics panel - Minor bugs - Networks tools improved - Read me file v1.1b4 - 13/02/01 : - Find hostname implemented, no DNS Cache available yet - Trace route & ping tools available - The port columns can be sorted as well v1.1b3 - 10/02/01 : - Improved GUI : tabs, one window, colors, buttons,... - Port/Service lookup using NIS Portlist if already installed - Configuration file (config.ini) available (logfile, portlist and background image paths) - Online help (yeah, this text !) - Search function - Filter function v1.0b - 8/02/01 : - First release To do : - Whois/DNS lookup options to resolve host address/host name and cache it - Improved Log filter (need to reload log to disable filter :-( ) - Export function (Excel, CVS, HTML, XML) - Taskbar icon and menu - Code cleaning, exceptions handling, optimizing - Any idea ??? Write me (kephren@canada.com) or do it yourself ! (VB6 code available) Known bugs to solve : - No check about Portlist location - Certainly many more :-) - Find one ??? Write me (kephren@canada.com) or correct it yourself ! (VB6 code available) Thanks to : - Albert Janssen for his NIS Portlist I used to retrieve associated port/service - All TPF developpers from Tiny Software, great product ! - Randy Birch, for his modules (DNS lookup, trace route, numeric sorting) www.mvps.org/vbnet - Clint LaFever for his extende ListView component, so great ! (http://lafever.iscool.net/) - You for using it This little tool was developped by Kephren and debugged by Apohis, it's FREEWARE, not acknowledged/supported by Tiny Software. Feel free to modify the source code, to make comments, to improve it. For updates, news, other tools, go to the TPF Log Analyzer web page : http://www.bifgfoot.com/~tinyfirewall Mirrors : http://www.tinyfirewall.maxximum.org http://server47.hypermart/tinyfirewall/ http://bookstore.free.fr/tinyfirewall/