Matthew Rosewarne on 12 Jan 2007 20:36:02 -0000
I'm trying to get a bit more info out of the mass of logs that IPTables generates. What I'd really like would be for the IP addresses to be resolved to hostnames in the logs (I could put dnsmasq in for performance) and ideally for the name of the program that made the packet or is listening on a certain port to be looked up (netstat?) and added to the log. I know that the kernel-space Netfilter can't filter based on which user-space programs send or receive packets, but I'd at least like to know why these packets are coming and going so I can adjust my rules. I've looked all over for any clues on how to do this with something such as the ULOG target and ulogd/specter, but there's very little documentation I can find on doing anything like it.

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
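An added example, not part of the original post: a user-space pass over iptables LOG lines that appends cached reverse-DNS names and, for the destination port, the listening program. The `SRCNAME`/`DSTNAME`/`PROG` field names, the sample line and the `listeners` table (which the caller would build, for instance from `netstat -tlnp` output) are assumptions made for illustration.

```python
import re
import socket
from functools import lru_cache

# Constructed sample in the kernel's iptables LOG format (documentation addresses).
SAMPLE = ("Jan 12 20:30:01 gw kernel: DROPPED: IN=eth0 OUT= "
          "MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 "
          "DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF "
          "PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0")

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")
SAFE_NAME = re.compile(r"[A-Za-z0-9._-]{1,253}")

def parse_log(line):
    """Return the KEY=value fields of one LOG line as a dict."""
    return dict(FIELD.findall(line))

def make_resolver(lookup=socket.gethostbyaddr):
    """Cached reverse lookup; `lookup` is injectable so it can run offline."""
    @lru_cache(maxsize=4096)
    def resolve(ip):
        try:
            name = lookup(ip)[0]
        except OSError:          # herror/gaierror: no PTR record, keep the IP
            return ip
        # PTR records are set by whoever controls the address, so a name that
        # is not a plain hostname is never written into the log.
        return name if SAFE_NAME.fullmatch(name) else ip
    return resolve

def enrich(line, resolve, listeners):
    """Append hostnames and the local listener (if known) to a LOG line.

    `listeners` maps (proto, port) -> program name. It reflects the socket
    table when it was built, not when the packet was logged, and only means
    something for packets addressed to this host.
    """
    f = parse_log(line)
    if "SRC" not in f or "DST" not in f:
        return line
    extra = [f"SRCNAME={resolve(f['SRC'])}", f"DSTNAME={resolve(f['DST'])}"]
    if f.get("DPT", "").isdigit():
        prog = listeners.get((f.get("PROTO", "").lower(), int(f["DPT"])))
        if prog:
            extra.append(f"PROG={prog}")
    return line + " " + " ".join(extra)
```

Pointing the system resolver at a local caching server such as dnsmasq keeps repeated lookups off the network once the in-process cache is cold.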