logging of successful tcp connections
Eric Leblond
regit at inl.fr
Fri Apr 22 17:14:14 CEST 2005
Le jeudi 21 avril 2005 à 09:38 -0700,
christopher.f.ulherr at exgate.tek.com a écrit :
> I would like to know if there is a way I can log only successful tcp
> connections. I'm only interested in successful (established)
> connections, and not just syn "connection attempts". I guess what I need
> is a way to log a single packet if it caused a state transition from NEW
> to ESTABLISHED. It would also be helpful to log the packet that
> terminated the connection (state change from established).
Have a look at :
http://regit.free.fr/nufw/content.php?article.11
We used this in the NuFW project(http://www.nufw.org) to track the state
of connections.
> In this
> manner, we could easily tell what connections were made, and their
> duration (and not rely on the userland application to log this info).
>
> I've looked into using the state matching, but couldn't achieve this
> specific functionality with that.
>
>
> Is there some trivial way to accomplish this I am overlooking?
>
>
> Thanks,
> Chris
>
More information about the netfilter
mailing list