Rufman wrote:
> how can I make iptables dump the amount of traffic going through
> specific ports into a file, so that a prog like iam
> (http://www.intevation.de/iam/) can parse the contents and display the
> port traffic.
>
> or
>
> does anyone know a better way to measure port traffic?

I dump select netfilter traffic into a special syslog log file (for
participation in DShield) with the following syslog.conf line.

    kern.debug;kern.!info /var/log/dshield

Then in iptables I define custom log targets like

    -A logaccept -j LOG --log-level debug --log-prefix "iptables ACPT: "
    -A logaccept -j ACCEPT

There are debug messages from the kernel other than netfilter/iptables,
so I still have to filter the log file before I send it through
DShield's parser. You'll probably have to do the same.
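
An added example, not part of the original post: one way to do the filtering step and get per-port totals from the log described above. It assumes the standard netfilter LOG field layout (PROTO=, DPT=, LEN=); the function names and the sample lines are constructed for illustration, and the totals cover only packets that the logaccept rule actually logged.

```shell
#!/bin/sh
# Added example: per-port packet and byte totals from netfilter LOG lines.
PREFIX='iptables ACPT: '   # the --log-prefix used in the post

# Constructed sample of /var/log/dshield (documentation addresses, made-up host).
sample_log() {
cat <<'EOF'
Jan  5 10:00:01 fw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jan  5 10:00:02 fw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.11 DST=198.51.100.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=2 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=5840 RES=0x00 ACK URGP=0
Jan  5 10:00:03 fw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.12 DST=198.51.100.1 LEN=71 TOS=0x00 PREC=0x00 TTL=64 ID=3 PROTO=UDP SPT=5353 DPT=53 LEN=51
Jan  5 10:00:04 fw kernel: eth0: link up (unrelated kernel debug message)
Jan  5 10:00:05 fw kernel: iptables ACPT: IN=eth0 OUT= SRC=192.0.2.13 DST=198.51.100.1 LEN=88 TOS=0x00 PREC=0x00 TTL=64 ID=4 PROTO=ICMP TYPE=3 CODE=1 [SRC=198.51.100.1 DST=192.0.2.13 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=5 PROTO=TCP SPT=22 DPT=40000 WINDOW=0 RES=0x00 ACK URGP=0 ]
EOF
}

# Reads log lines on stdin, prints "PROTO/DPT packets bytes" sorted by key.
port_traffic() {
    awk -v prefix="$PREFIX" '
    index($0, prefix) == 0 { next }       # drop kernel messages without our prefix
    {
        proto = ""; dpt = ""; len = ""
        n = split(substr($0, index($0, prefix) + length(prefix)), f, " ")
        for (i = 1; i <= n; i++) {
            # Keep only the first occurrence of each field: UDP lines carry a
            # second LEN= (UDP length), and ICMP errors embed the original
            # packet in [...] with its own PROTO=/DPT=/LEN=.
            if (f[i] ~ /^PROTO=/ && proto == "")    proto = substr(f[i], 7)
            else if (f[i] ~ /^DPT=/ && dpt == "")   dpt = substr(f[i], 5)
            else if (f[i] ~ /^LEN=/ && len == "")   len = substr(f[i], 5)
        }
        if (proto != "TCP" && proto != "UDP") next   # no destination port
        if (dpt == "" || len == "") next             # truncated line
        key = proto "/" dpt
        pkts[key]++; bytes[key] += len               # LEN is the IP total length
    }
    END { for (k in bytes) printf "%s %d %d\n", k, pkts[k], bytes[k] }
    ' | LC_ALL=C sort
}

# Usage on the real log:  port_traffic < /var/log/dshield
```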