Copyright (C) 1999,2000  Rajeev Kumar (rxknh@yahoo.com)
Version: fwlostat-1.0
=====================================

o This program *ONLY* analyze the Checkpoint ACCCOUNT LOGS. 

o The program analyze the Checkpoint FW1 (V4.0) account logs, obtained from Master
  management console, where all firewalls are sending their account logs. Can be used
  safely for stadalone FW where there is single firewall is logging.

o The program assumes account logs (.alog  text file, after 'fw logexport' command) in form
  of:
num;logdate;logtime;orig;type;action;alert;i/f_name;i/f_dir;proto;src;dst;service;s_port;rule;elapsed;start_time;packets;bytes;user;sys_msgs

o Note: Above syntax in text account log file. It seems if you don't log Users entry in checkpoint
        rule base like:
	 Users@Any  YourNet  some_services  Accept  ACCOUNT 
						    ^^^^^^^
							If this is not present, the checkpoint
	may not produce ;user; column in text account log file(Don't ask me Why?), but make
	sure you have this. so that program will represent correct data.

o The program create several cache files (service, users, DNS(dbm), std_services(DBM)) for
  showing/processing information in a faster manner.

o Checkpoint account logs can be huge, depending upon how much traffic firewalls are logging.
  That's why files are divided into many pieces while command line raw log processing and
  depending upon tme selected in HTML form , only those files falls in the selected time
  range will be processed not the complete log. Still it can be huge data to process.
  Currently all these log files are stored in text format, If I get time and enthusiasm
  I may plan some better data structure.(May be binary files or so) Anybosy intrested is more
  than welcome.

o################################################################################
#
# This program is written in parts, so one invocation of this program will 
#run only paricular section from below.
#
#PART 1: Command line invocation
#        o Invoke this program from command line, to convert RAW checkpoint logs
#          into processed logs. During this part, it will sort out account logs 
#          based on origin Firewall, create cache file for CKP services, users in
#          log resolved name for IP address found in logs etc.
#
#    fwlogstat-1.0/fwlogstat.pl 
#
#PART 2: Present main HTML form to select Firewall to be analyze the logs.
#   http://www.yourwebserver.com/cgi-bin/fwlogstat-1.0/fwlogstat.pl?instance=real&action=main
#
#PART 3: Allows users to select the search criteria from HTML form presented, after
#        selecting a particular firewall in Part 2.
#
#PART 4: Will process logs and present summary based on selections in Part 3.
#       
################################################################################


o I am using some external programs/packages, packaged with this distribution giving full credit
  to the developers/author  of these packages.
  
	-> cgi-lib.pl :  http://cgi-lib.stanford.edu/cgi-lib/
	-> Date::Manip: CPAN perl module
	-> http://www.isi.edu/in-notes/iana/assignments/port-numbers (for std_services)