logging of successful tcp connections

christopher.f.ulherr at exgate.tek.com
Thu Apr 21 18:38:37 CEST 2005


I would like to know if there is a way I can log only successful TCP
connections. I'm only interested in successful (established)
connections, and not just SYN "connection attempts". I guess what I need
is a way to log a single packet if it caused a state transition from NEW
to ESTABLISHED. It would also be helpful to log the packet that
terminated the connection (state change from established). In this
manner, we could easily tell what connections were made, and their
duration (and not rely on the userland application to log this info).

I've looked into using the state matching, but couldn't achieve this
specific functionality with that.


Is there some trivial way to accomplish this I am overlooking?


Thanks,
Chris


