Hey folks,
I quietly lurk on the mailing list, and I must thank everyone ... I've
learned a ton about Netfilter from here. I now implement netfilter on 3
different machines, 2 at home and one at work, with different
configurations and responsibilities. Recently, I had a difficult time
connecting to a particular (local) webserver, so I decided to log
everything coming from that webserver. Needless to say, I have a ton of
good information. I wanted to take it apart, see what's really
happening, look at the TCP flags that were set, etc. So I decided to
implement some type of log analyzer. I went with fwlogwatch. When I
try to analyze a logfile, it complains mostly about missing timestamps.
So my question boils down to this...

What is the --log-prefix option to add timestamps to LOG target entries?
Is it possible? Any help would be appreciated.

From what I can tell so far, the server is sending back many packets
with SYN and PSH flags enabled, and I believe I was dropping the
majority of these...
Thanks,
Fred