"Allowed Connections Log" and some log suggestions.

Discussion in 'Other Ghost Security Software' started by [suave], Sep 28, 2005.

Thread Status:
Not open for further replies.
  1. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    Hi,

    I just have a suggestion for ghostwall.

    1) The blocked connections log for TCP, UDP, ICMP, and RAW can be combined into one log. I don't think there is a real need to have 4 different logs for that. If they were combined it would be less confusing, plus we would still be able to identify which is which because it would state that in the "TYPE" column.

    2) What I think would be really useful is a log for allowed connections as well. I just made a careless rule that was to "loose" and it was allowing more connections than it should have. If I had an allowed log I would have noticed that and tightened up the rule.

    Another great feature to the logs would be an additional column that displays the rule that triggered the event. For example, i have a rule called "test", and this rule caused some connection to be blocked or allowed... whatever the case may be. In the log, the last colum should tell me that this event was triggered because of the rule "test".
     
  2. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    In regards to #2, do you know that if you click on any other column apart from the BLOCKED one, you do see the last 50 ALLOWED packets for the protocol?
     
  3. [suave]

    [suave] Registered Member

    Joined:
    Apr 5, 2005
    Posts:
    218
    well... i know that now :D

    This is great! I really think you have something here Jason. This firewall is making me hate my outpost license more and more each day :rolleyes:

    It also solved a problem for me. I was never able to listen to music and surf the web at the same time without the music skipping. Now that outpost is gone, ghostwall seems to handle the web with less resource usage and I can breathe again :p

    So what do you think about adding an extra colum to the logs that shows the rule that triggered the event?

    I was thinking that maybe you can number the rules with a # column on ghostwall's main screen and then add an extra column to the logs that displays the rule# that triggered it. I think it will be less confusing to do it by rule number than by rule name, as I suggested previously.
     
  4. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    We think alike [suave] , I had originally planned to show the count of packets affected by each rule in another column. I'll see what I can do for the next update.
     
Thread Status:
Not open for further replies.