| navigate 
 
 link-o-matic 
 
 
  pictures
  
thanksgiving in iowa, western cable show  
 
 
 useless hacks
  
  
 
 
 projects
  
 unbound
  
  
 
  going elsewhere
 
  
 beth
  
  
 
  the past
 
  
  
  
 
 support 
 
  
  
  
  
 
  contact
 
  | march 30, 2003 outlaw i guess according to this new law in michigan which takes effect monday, i am an outlaw. march 24, 2003 i must not blog bad thoughts war blogs, an idea i had, was so obvious. at least someone is doing it (i tried, failed, gave up, no time to do it right). trogdor the blogginator got a face lift, it now looks more like aggie. its a format that works. i spent more time than i should have on it, but it was worth it. i'm already being fed my morning news and information more efficiently. trogdor is on a 12h shift, aggie a 1.6h shift. march 19, 2003 finally grokking it added trogdor the blogginator, a site to aggregate the blogs i read together. news aggregation has been really useful, i want to keep this up. i finally get the whole thing, now if i could only make pages that looked better. i hope to have this fully functional by the end of the week. feedback welcome. speaking of news aggregation, i'm looking for the wall street journal in a form i can use (RSS, free if possible), the economist.com in RSS, and stratfor.com ins RSS. news junky! march 16, 2003 one step closer miohael semcheski sent me a nice XSL file for pf2xml. thanks! version 0.22 has been released to make use of it (and his XSL file is also up there). march 12, 2003 marquee lights 
   march 10, 2003 storm's a brewin aggie the aggregator now does weather, thanks to the kind folks at http://weather.interceptvector.com/ . i highly suggest you check it out. march 8, 2003 news flash ... new version of my aggregated news format is up. this one is heavily influence by meerkat but is, obviously, tailoed to my interests and needs. i'll see how this one goes ... march 5, 2003 more pretty packets posted pf2xml version 0.1 to my site, deadly, and the pf@ mailing list. basically, you run it like this ... # tcpdump -nettti pflog0 | pf2xmland you wind up with output like this: <packet> <time="Mar 05 11:30:28.073759"> <rule="rule 0/0(match)"> <action="pass in on fxp0"> <src="1.1.1.90"> <sport="27027"> <dst="1.1.1.84"> <dport="22"> <extra=". ack 11409 win 10192 <nop,nop,timestamp 422450 1653078529>"> </packet>let me know if you find it useful. later ... thanks to jobo i now have valid XML output. pf2xml 0.2 is now out which produces valid XML (tested in IE 6.0). the entries now look like this: 
<?xml version="1.0" ?>
  <pf>
    <packet>
      <timestamp date="Mar 05" time="13:12:39.950017" />
      <reason rule="rule 0/0(match)" action="pass in on fxp0" />
      <source ip="1.1.1.90" port="3685" />
      <destination ip="1.1.1.84" port="22" />
      <extra information=". ack 2451634794 win 17376 <nop,nop,timestamp 434713 1653090792>" />
    </packet>
  </pf>
enjoy, as always, feedback welcome.even later ... posted a page on pf2xml and released a new version which fixes up some character conversions, version 0.21. march 4, 2003 off the radar, off the grid 
 new stsh fixes a bug in copying argv over ... pflogexport is in opensoekris but has a bug in pf_add(). synackd hasn't seen the light of day yet. libstack is on the back burner but should be intersting. i wonder why stuff like dish, libcli, and burrow are up there ... what you dont see is stuff i did for work, and the pfacct device i'm trying to add to the openbsd kernel (for netflow like accounting exports). nor do you see me uploading pics like i said i would. maybe soon, i don't know. just too busy ... |