Analysing traffic from rule

Kelly Scroggins kelly at cliffhanger.com
Fri Aug 26 14:59:33 CEST 2005


Snort-Inline?

-- 
kelly
http://home1.gte.net/res0psau/index.html#Hang-Gliding-Stuff

	   --    -- 
	     \  /
	      \/
	      /\
	     /  \
	   --    --



Quoting Jimmy Hedman <jimmy.hedman at southpole.se>:
        I like to analyze the traffic with tethereal or tcpdump for example.
        
        // Jimmy
        
        On Fri, 2005-08-26 at 12:18 +0300, Maxim Shpakov wrote:
        > Hello Jimmy,
        > 
        > Friday, August 26, 2005, 12:02:11 PM, you wrote:
        > 
        > JH> Hi,
        > JH> I'd like to "see" the traffic that hits a rule and found
        > JH> http://www.stearns.org/doc/iptables-ulog.current.html which uses ULOG
        > JH> which works fine. But I wonder if it's possible to do it without using
        > JH> ULOG and storing it on a file?
        > 
        > JH> // Jimmy
        > 
        > 
        > -j LOG  ? log traffic via syslog
        > 
        
        


