logging of successful tcp connections

Eric Leblond regit at inl.fr
Fri Apr 22 17:14:14 CEST 2005

Le jeudi 21 avril 2005 à 09:38 -0700,
christopher.f.ulherr at exgate.tek.com a écrit :
> I would like to know if there is a way I can log only successful tcp
> connections. I'm only interested in successful (established)
> connections, and not just syn "connection attempts". I guess what I need
> is a way to log a single packet if it caused a state transition from NEW
> to ESTABLISHED. It would also be helpful to log the packet that
> terminated the connection (state change from established). 

Have a look at :
We used this in the NuFW project(http://www.nufw.org) to track the state
of connections.

> In this
> manner, we could easily tell what connections were made, and their
> duration (and not rely on the userland application to log this info).
> I've looked into using the state matching, but couldn't achieve this
> specific functionality with that.
> Is there some trivial way to accomplish this I am overlooking?
> Thanks,
> Chris

More information about the netfilter mailing list