
Re: netstat -an alternatives



On Sunday 13 January 2002 01:01, Earl F Hampton wrote:
> On Saturday 12 January 2002 21:11, list3@centerbox.com wrote:
> > Hi.
> >
> > I am trying to create a script that would activate when other
> > machines connect to certain ports on the internet through this machine.
> > This box is doing the masquerading.
> >
> > I tried to use tcpdump, but it does not have any timeout options
> > that I need. And besides, I just need to see if a connection is
> > established. The packets might take a while to come in. I need an
> > almost immediate answer. I don't need to see the packets, just that
> > there is currently a link established between a masqueraded machine
> > and a site on the internet with a specific port#. Sort of like what
> > "netstat -an" does, but looking at non-local connections.
> >
> > Any ideas ?
>
> Have you tried iptables using log as a target
> or even limit and log
> or ulog if you feel ambitious.
>
> ipchains also has logging.
>
> Earl F Hampton

I'm using a 2.2 kernel, so I tried ipchains logging, and the amount of 
logging of the port alone is too big (~6MB / day). I don't want to 
have to rotate logs quicker or bother with extracting the ipchains 
logging entries in relation to that particular port#.

I want a more graceful solution.
Any ideas? I need quick non-local routing info, not detailed info on 
packets.


