Deciphering Packet Filter Log Files - Oct. 4, 2001

See this link if you want to get a copy of a packet filter log analysis tool (which runs on Linux).

If you want to interpret the contents of a packet filter log file, perhaps to write your own analysis tool, here is an explanation of the fields, provided by Gonzalo Morera.

Sample log file line:

11/06/2000, 13:31:48 +0100, 148.122.170.133, 213.188.28.102, TCP, 80,1343, PSH ACK ,1,5,5,-,-,INBOUND


11/06/2000        Date
13:31:48 +0100    Time, followed by the GMT offset
148.122.170.133   Source IP address
213.188.28.102    Destination IP address
TCP               Protocol (TCP)
80                Destination port
1343              Source port
PSH ACK           TCP flags (push, acknowledge)
1                 Policy setting (if the rule specifies discard => set to 0; otherwise => set to 1)
5                 Inbound board number (registered at the LSL level and obtained from the TCPCON interface table)
5                 Outbound board number (registered at the LSL level and obtained from the TCPCON interface table)
-                 IPheader (we do not dump this info, so the field is always blank)
-                 IPpayload (we do not dump this info, so the field is always blank)
INBOUND           Direction of traffic (inbound, outbound or loopback)
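If you do write your own analysis tool, the parser below shows one way to turn lines of this format into structured records and then ask a defender's question of them (which sources had packets discarded by the filter). It is an added example, not part of the original page or of the Linux tool linked above. It assumes the date is written month/day/year (the page's sample "11/06/2000" does not say which order is used), and the second and third log lines are constructed for illustration; only the first is the page's own sample.

```python
"""Parser for the packet filter log format described above (added example).

Field order, as on the page: date, time + GMT offset, source IP, destination IP,
protocol, destination port, source port, TCP flags, policy, inbound board,
outbound board, IPheader, IPpayload, direction.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

# Constructed sample input: line 1 is the page's sample, lines 2 and 3 are made up.
SAMPLE_LOG = """\
11/06/2000, 13:31:48 +0100, 148.122.170.133, 213.188.28.102, TCP, 80,1343, PSH ACK ,1,5,5,-,-,INBOUND
11/06/2000, 13:31:49 +0100, 148.122.170.133, 213.188.28.102, TCP, 23,1344, SYN ,0,5,5,-,-,INBOUND
11/06/2000, 13:31:50 +0100, 192.0.2.10, 198.51.100.7, UDP, 53,1025, ,1,5,5,-,-,OUTBOUND
"""


@dataclass(frozen=True)
class FilterLogEntry:
    timestamp: datetime            # date + time + GMT offset combined
    src_ip: str
    dst_ip: str
    protocol: str
    dst_port: int
    src_port: int
    tcp_flags: Tuple[str, ...]     # e.g. ("PSH", "ACK"); empty for non-TCP lines
    policy: int                    # 0 = rule discarded the packet, 1 otherwise (per the page)
    inbound_board: int
    outbound_board: int
    ip_header: Optional[str]       # "-" on the page, i.e. never dumped -> None
    ip_payload: Optional[str]
    direction: str                 # INBOUND, OUTBOUND or LOOPBACK


def parse_timestamp(date_field: str, time_field: str) -> datetime:
    """Combine '11/06/2000' and '13:31:48 +0100' into an aware datetime.

    ASSUMPTION: the date is month/day/year; the page does not state the order.
    """
    time_part, offset = time_field.split()
    sign = 1 if offset[0] == "+" else -1
    hours, minutes = int(offset[1:3]), int(offset[3:5])
    tz = timezone(sign * timedelta(hours=hours, minutes=minutes))
    naive = datetime.strptime(f"{date_field} {time_part}", "%m/%d/%Y %H:%M:%S")
    return naive.replace(tzinfo=tz)


def parse_line(line: str) -> FilterLogEntry:
    """Parse one log line; the 14 comma-separated fields may carry stray spaces."""
    fields = [f.strip() for f in line.split(",")]
    if len(fields) != 14:
        raise ValueError(f"expected 14 fields, got {len(fields)}: {line!r}")
    (date, time_tz, src, dst, proto, dport, sport, flags,
     policy, in_board, out_board, hdr, payload, direction) = fields
    return FilterLogEntry(
        timestamp=parse_timestamp(date, time_tz),
        src_ip=src,
        dst_ip=dst,
        protocol=proto,
        dst_port=int(dport),
        src_port=int(sport),
        tcp_flags=tuple(flags.split()),   # "PSH ACK " -> ("PSH", "ACK"); "" -> ()
        policy=int(policy),
        inbound_board=int(in_board),
        outbound_board=int(out_board),
        ip_header=None if hdr == "-" else hdr,
        ip_payload=None if payload == "-" else payload,
        direction=direction,
    )


def parse_log(text: str) -> list:
    """Parse every non-empty line of a log file's contents."""
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def discarded_by_source(entries) -> dict:
    """Count packets the filter discarded (policy 0), keyed by source IP."""
    return dict(Counter(e.src_ip for e in entries if e.policy == 0))


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for entry in parsed:
        print(entry.timestamp.isoformat(), entry.src_ip, entry.dst_ip,
              entry.protocol, entry.dst_port, entry.tcp_flags, entry.policy, entry.direction)
    print("discarded packets by source:", discarded_by_source(parsed))
```

Splitting on commas and stripping each field is deliberate: the sample line mixes ", " and "," as separators and pads the flags field with spaces, so a fixed-width or strict CSV reader would mis-handle it. Rejecting lines that do not have exactly 14 fields keeps a truncated or corrupted line from being silently counted.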