Hi, Jeremy. If you don't find the answer here, try the netfilter user mailing list, email "subscribe netfiter" in the body of the message to [email protected]
I also got some great help on #iptables on IRC, it was a gnarly problem and one of the developers was online, he worked with me for hours until we hammered out the config. Best, -at On Fri, Jul 29, 2011 at 10:49 AM, Jeremy Charles <[email protected]> wrote: > I’m trying to see if I can get the Linux 2.6 kernel to generate a syslog > message when it removes a UDP “connection” from its connection tracking > table. > > > > It’s easy to log the start of a “connection” regardless of whether it’s TCP > or UDP: > > > > sudo iptables -I FORWARD 8 -m state --state NEW -j LOG --log-prefix "New: " > --log-level 7 > > sudo iptables -I FORWARD 9 -m state --state RELATED -j LOG --log-prefix > "Related: " --log-level 7 > > > > I can also log the end of a TCP connection by looking for RST or FIN flags. > > > > My man and google fu just isn’t finding a way to log when a UDP “connection” > gets removed from the connection tracking table. > > > > Anyone have any hints? > > > > === > > Jeremy Charles, [email protected] > > Epic's Computer and Technology Services Division > > > > Phone: 608-271-9000, Fax 608-271-7237 > > > > _______________________________________________ > Tech mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > > _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
