Logging the whole packet
opie at 817west.com
Wed Nov 24 15:58:42 CET 2004
On Wed, 2004-11-24 at 06:03, israel Gold wrote:
> Jason Opperisano wrote:
> >>AFAIK, the normal LOG target cannot actually do this. instead, use
> the ULOG target which will copy the entire packet to the
> >>userspace ulogd daemon where you can use the ulogd_PCAP.so plugin to
> create a tcpdump file of the packets you are
> >>interested in.
> I also would like to log the packet data. In fact, I would like to
> monitor NFS Write calls.
> However, using ULOG and copying all packets to user space is time
> I have no interest in Read calls which is most of the traffic.
> Does iptables provide a tool to filtering packets by looking at the data
iptables is a firewall; not a high performance packet capturing tool.
you guys ever heard of tcpdump? snort?
"They think they're so high and mighty, just because they never got
caught driving without pants."
More information about the netfilter