Windows XP Firewall Log Viewer 0.2

logoThe Windows Firewall log allows advanced users to collect and identify inbound traffic. You can log dropped packets and successful connections. Security logging does not need to be enabled for Windows Firewall to function. Because security logging is considered an advanced option, it is not enabled by default. To enable logging, follow these steps:

  1. Click Start, Run, and type firewall.cpl, and then click Ok.
  2. Click the Advanced tab.
  3. Under Security Logging, click the Settings button.
  4. In the Log Settings, click to select the Log dropped packets and Log successful connections checkboxes, and then click Ok.
  5. Click Ok to close the Windows Firewall.

Once logging is turned on all of the information is written to a file called, pfirewall.log (located at C:\WINDOWS\pfirewall.log). When the file reaches its maximize size, the information is written to a new file, pfirewall.log.1. The newest data is stored in the pfirewall.log and contains all information you choose to log.

Since i needed to see what packets are being blocked and accepted, i came accross a wonderfull FREE tool called Windows XP Firewall Log Viewer. Windows XP Firewall Log Viewer reads the log file (pfirewall.log) that the Internet Connection Firewall (ICF) in Windows XP generates.

With Windows XP Firewall Log Viewer you can:

  • view the log
  • sort the log
  • filter the log
  • view statistics


hope this is a gr8 tool to do some NSM, if u have any other gr8 (free) tools, let me know 🙂


About this entry