Hello Mike,
> Does the current kernel (2.2.x) have any provisions for logging
> or capturing the ENTIRE IP packet which matches a particular
> ipchains rule?
> What I'd like to do is capture every packet that matches certain
> rules, and have some way of identifying each raw packet with the
> log entry in syslog to which it was captured.
<snip>
Had a look on netfilter ? I think not, it covers the items you asked.
It's in 2.3.xx kernels (note many network driver changes are going on at
this moment)
Have a look at: http://netfilter.kernelnotes.org/
PS, ever looked at the load of the system when ipchains+logging are used,
and "someone" attacks your machine at 100Mb speed ?
(kernel has no problem,syslog does, and netfilter can handle this problem
as well)
Greatings,
Arjan Filius
mailto:iafilius@xs4all.nl
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:16 EST