Matthew Rosewarne on 12 Jan 2007 20:36:02 -0000



[PLUG] iptables logging


I'm trying to get a bit more info out of the mass of logs that IPTables 
generates.  What I'd really like would be for the IP addresses to be resolved 
to hostnames in the logs (I could put dnsmasq in for performance) and ideally 
for the name of the program that made the packet or is listening on a certain 
port to be looked up (netstat?) and added to the log.  I know that the 
kernel-space Netfilter can't filter based on which user-space programs send 
or receive packets, but I'd at least like to know why these packets are 
coming and going so I can adjust my rules.
I've looked all over for any clues on how to do this with something such as 
the ULOG target and ulogd/specter, but there's very little documentation I 
can find on doing anything like it.


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
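
One way to get the enrichment asked about above is to post-process the text log in user space rather than through ULOG/ulogd. This is an added example, not part of the original post: the function names, the `SRCNAME`/`DSTNAME`/`DPTPROG` fields and both sample inputs are constructed for illustration. It assumes `netstat -tlnp` was run as root so the PID/program column is populated.

```python
import re
import socket
from functools import lru_cache

# Constructed sample input: one LOG-target line and `netstat -tlnp` rows.
SAMPLE_LOG = ("Jan 12 20:30:01 gw kernel: FW-IN: IN=eth0 OUT= "
              "MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 "
              "DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF "
              "PROTO=TCP SPT=51514 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0")
SAMPLE_NETSTAT = """\
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      901/cupsd
"""
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_log_line(line):
    """Return the KEY=value fields of an iptables LOG line as a dict."""
    return dict(FIELD.findall(line))

def listeners(netstat_output):
    """Map local TCP port -> program name from `netstat -tlnp` output."""
    ports = {}
    for row in netstat_output.splitlines():
        cols = row.split()
        if len(cols) >= 7 and cols[5] == "LISTEN" and "/" in cols[6]:
            ports[cols[3].rsplit(":", 1)[1]] = cols[6].split("/", 1)[1]
    return ports

@lru_cache(maxsize=4096)
def reverse_dns(ip):
    """Cached PTR lookup; falls back to the address when nothing resolves."""
    try:
        name = socket.gethostbyaddr(ip)[0]
    except OSError:
        return ip
    # PTR data is set by whoever controls the address block, so strip
    # anything that could forge extra fields or lines in the log.
    return re.sub(r"[^A-Za-z0-9.-]", "_", name)

def enrich(line, port_owner, resolve=reverse_dns):
    """Append hostnames and, for locally delivered TCP, the listening program."""
    f = parse_log_line(line)
    if "SRC" not in f or "DST" not in f:
        return line
    extra = " SRCNAME=%s DSTNAME=%s" % (resolve(f["SRC"]), resolve(f["DST"]))
    # IN set and OUT empty means the packet was addressed to this host.
    if f.get("IN") and not f.get("OUT") and f.get("PROTO") == "TCP":
        extra += " DPTPROG=%s" % port_owner.get(f.get("DPT"), "-")
    return line + extra
```

Pointing the system resolver at a local caching server such as dnsmasq, as the post suggests, keeps the lookups from slowing log processing; the listener table only explains inbound traffic, since outbound packets leave from ephemeral ports.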