LILA is a command-line tool that lets you monitor netfilter logs stored in a MySQL database in real time. It converts the text messages created by netfilter into colored output. Two features stand out: it resolves IP addresses to hostnames using two different techniques, and it detects duplicate packets (those with the same destination IP and chain) sent within a freely configurable time interval. This allows the user to avoid being flooded with hundreds of identical packets that offer no additional information. It uses a separate configuration file, which allows you to modify various aspects of how it works and how logs are displayed. It has a lot of other features.
|Tags|iptables Netfilter log analyzer live monitoring|
|Implementation|Netfilter SQL Syslog|