Link-n-Log

Link-n-Log allows you to capture the log files from Linksys firewalls/routers. It has been extensively tested with the BEFSR41 but should also work with the BEFSR11, BEFSR81 and probably any of the other BEFSR family of routers. The application consists of a GUI to view the alerts and a Daemon process to capture the SNMP traps emitted by the Linksys device (the routers use SNMP to send transmit their log files). The GUI can display all incoming and outgoing connections, perform DNS lookups on the source or destination of any connection and can do port lookups to indicate what ports correspond to which servcies. The port lookup database was provided by the good people at Neohapsis.com. All the connection data is logged to a MySQL database so you can use tools other than the Link-n-Log GUI to view and manipulate it if you want.

The GUI looks like this (with my external IP smudged out to protect the innocent):

See the screen shots page for more images of Link-n-Log in action.

You can download Link-n-Log from my sourceforge project page. Link-n-Log should run on Linux and perhaps some other variants of Unix. While the GUI was created with QT, which should be platform independent, the DNS capability was implimented with native Linux system calls and so will not be portable (QT didn't provide an asyncronous DNS capability that I liked). Installation instructions can be found here.

The tool is fully functional currently, but there is still some features I'd like to add. If you want to contribute to the project or vote on which features you like to see most, feel free to contact me.

Additional features I'd like to add:

A nice setup wizard that helps you set up the database and the Firewall.
Impliment the tool using SQLite in addition to MySQL so users who don't want the MySQL functionality don't have to worry about setting it up or configuring it.
The ability to filter connections to look for certain types of data.