I'm trying to see if I can get the Linux 2.6 kernel to generate a syslog message when it removes a UDP "connection" from its connection tracking table.
It's easy to log the start of a "connection" regardless of whether it's TCP or UDP: sudo iptables -I FORWARD 8 -m state --state NEW -j LOG --log-prefix "New: " --log-level 7 sudo iptables -I FORWARD 9 -m state --state RELATED -j LOG --log-prefix "Related: " --log-level 7 I can also log the end of a TCP connection by looking for RST or FIN flags. My man and google fu just isn't finding a way to log when a UDP "connection" gets removed from the connection tracking table. Anyone have any hints? === Jeremy Charles, jchar...@epic.com Epic's Computer and Technology Services Division Phone: 608-271-9000, Fax 608-271-7237
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
