logging of successful tcp connections

christopher.f.ulherr at exgate.tek.com christopher.f.ulherr at exgate.tek.com
Thu Apr 21 19:28:36 CEST 2005


I would like to know if there is a way I can log only successful tcp
connections. I'm only interested in successful (established) connections,
and not just syn "connection attempts". I guess what I need is a way to log
a single packet if it caused a state transition from NEW to ESTABLISHED. It
would also be helpful to log the packet that terminated the connection
(state change from established). In this manner, we could easily tell what
connections were made, and their duration (and not rely on the userland
application to log this info).

I've looked into using the state matching, but couldn't achieve this
specific functionality with that.

 

Is there some trivial way to accomplish this I am overlooking?

 

Thanks,

Chris



More information about the netfilter mailing list