Re: iptables + port traffic
- From: Allen Kistler <ackistler@xxxxxxxxx>
- Date: Sat, 22 Sep 2007 11:51:42 -0500
Rufman wrote:
> How can I make iptables dump the amount of traffic going through
> specific ports into a file, so that a prog like iam
> (http://www.intevation.de/iam/) can parse the contents and display the
> port traffic?
> or
> Does anyone know a better way to measure port traffic?

I dump select netfilter traffic into a special syslog log file (for
participation in DShield) with the following syslog.conf line.

    kern.debug;kern.!info /var/log/dshield

Then in iptables I define custom log targets like

    -A logaccept -j LOG --log-level debug --log-prefix "iptables ACPT: "
    -A logaccept -j ACCEPT

There are debug messages from the kernel other than netfilter/iptables,
so I still have to filter the log file before I send it through
DShield's parser. You'll probably have to do the same.
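
The filtering step described above can be combined with a per-port tally, which is what the original question asked for. The following is an added example, not part of the original post: it assumes the usual netfilter LOG line layout and the "iptables ACPT: " prefix from the rules above, and the sample log lines, the host name `gw` and the `tally` function are constructed for illustration.

```python
import re
from collections import defaultdict

PREFIX = "iptables ACPT: "          # must match --log-prefix in the LOG rule
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

# Constructed sample of /var/log/dshield: netfilter lines mixed with another
# kernel debug message, as the post warns will happen.
SAMPLE = """\
Sep 22 11:50:01 gw kernel: iptables ACPT: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=192.0.2.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Sep 22 11:50:02 gw kernel: ACPI: PCI interrupt for device 0000:00:1f.2 disabled
Sep 22 11:50:03 gw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.1 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=56
Sep 22 11:50:04 gw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=4243 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 RES=0x00 ACK URGP=0
Sep 22 11:50:05 gw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.12 DST=192.0.2.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
"""

def tally(lines, prefix=PREFIX):
    """Return {(proto, dport): (packets, bytes)} for lines carrying prefix."""
    totals = defaultdict(lambda: [0, 0])
    for line in lines:
        _, found, rest = line.partition(prefix)
        if not found:
            continue                      # other kernel debug output
        fields = {}
        for key, value in FIELD.findall(rest):
            # Keep the first occurrence: UDP lines carry LEN twice, and the
            # first one is the IP total length.
            fields.setdefault(key, value)
        try:
            port = int(fields["DPT"])
            length = int(fields["LEN"])
            proto = fields["PROTO"]
        except (KeyError, ValueError):
            continue                      # no port (e.g. ICMP) or damaged line
        entry = totals[(proto, port)]
        entry[0] += 1
        entry[1] += length
    return {key: tuple(value) for key, value in totals.items()}

if __name__ == "__main__":
    for (proto, port), (pkts, nbytes) in sorted(tally(SAMPLE.splitlines()).items()):
        print(f"{proto:4} {port:5d} {pkts:6d} pkts {nbytes:8d} bytes")
```

The totals cover only packets that traverse the logaccept chain, so a ruleset that sends just new connections there yields per-port connection counts rather than full byte volumes.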