logging of successful tcp connections
regit at inl.fr
Fri Apr 22 17:14:14 CEST 2005
Le jeudi 21 avril 2005 à 09:38 -0700,
christopher.f.ulherr at exgate.tek.com a écrit :
> I would like to know if there is a way I can log only successful tcp
> connections. I'm only interested in successful (established)
> connections, and not just syn "connection attempts". I guess what I need
> is a way to log a single packet if it caused a state transition from NEW
> to ESTABLISHED. It would also be helpful to log the packet that
> terminated the connection (state change from established).
Have a look at :
We used this in the NuFW project(http://www.nufw.org) to track the state
> In this
> manner, we could easily tell what connections were made, and their
> duration (and not rely on the userland application to log this info).
> I've looked into using the state matching, but couldn't achieve this
> specific functionality with that.
> Is there some trivial way to accomplish this I am overlooking?
More information about the netfilter