[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How can I get all IP transactions (in/out) logged?

listcomm@ml1.net wrote:

It seems to me that the log won't necessarily be very large. It really
depends on how the connection is being used, doesn't it? An hours
worth of log from a dialup connection couldn't be very large, for

Of course, on a broadband connection with lots of websites being
visited or files being downloaded, the log would become quite large
fairly quickly.

It  would depend on how much information is logged.  Logging the
of packets during a web surfing session would generate
a large file.  But, all I'm interested in is a source and destination
IP for what has gone in and out of my system, along with possibly what
port was used, what process ID was using the port, a timestamp, and a
packet count.

The kernel can log stuff like this:

Shorewall:net2all:DROP:IN=ppp0 OUT= MAC= SRC= DST= LEN=1106 TOS=0x00 PREC=0x00 TTL=101 ID=28911 PROTO=UDP SPT=3790 DPT=1026 LEN=1086

Still, you're likely to get big logs.
For more info
man iptables



-- spambait
1aaaaaaa@computerdatasafe.com.au  Z1aaaaaaa@computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

Reply to: