Is it possible for ipfilter to log all packets AND keep state for filtering decisions?

Thank you,

Ben

On Thu, May 11, 2006 at 01:05:47PM +0400, ArkanoiD wrote:
> nuqneH,
>
> It is how stateful filtering works - when a packet matches existing connection
> state, it bypasses the ruleset.
> That's why keep state improves filtering performance.
>
> On Wed, May 10, 2006 at 05:01:51PM -0700, Ben Collver wrote:
> > I am using stateful filtering on NetBSD/3.0.
> >
> > I would like to log the header of every packet that:
> > goes out interface X, from network A, to anywhere except network B
> > goes in interface X, from anywhere except network B, to network A
> >
> > I tried to write rules to do this, but they only log the first packet
> > before state is established.
> >
> > Are ipfilter/ipmon the right tools for the job? How can I log all
> > packets?
> >
> > Thank you,
> >
> > Ben
