iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog 2.0 is complete rewrite of iplog 1.x by behe <eric@ojnk.net>. As such, it contains all the features supported by iplog 1.x, including a built-in DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, and bogus TCP flags (used by scanners to detect the operating system in use). iplog 2.0 adds detection of Xmas scans, ICMP ping floods, UDP scans, and various IP fragment attacks. As mentioned above, iplog 2.0 has a packet filter.
ff5147246cf34d189e79e87c6d49b2e1487617532ec9d9f6b643394567e296c7