Re: ULOG - XiChimos

All of lore.kernel.org
 help / color / mirror / Atom feed

From: XiChimos <xichimos@plobe.com>
To: Michelle Konzack <linux4michelle@freenet.de>
Cc: netfilter@lists.netfilter.org
Subject: Re: ULOG
Date: Tue, 20 Jan 2004 20:12:06 -0500	[thread overview]
Message-ID: <400DD1E6.4060706@plobe.com> (raw)
In-Reply-To: <20040121004046.GG8389@freenet.de>

Is there any reason why tcpdump wouldn't work?

apt-get install tcpdump

Then you can do 'tcpdump -i ppp0 -w FILENAME dst 192.168.1 '  What this 
does is takes all the packets from ppp0 bound for the range 192.168.1.* 
and throws them in FILENAME. Then if you wanted to break things up, you 
could use grep:

grep 192.168.1.1 FILENAME > 192.168.1.1_file

You would do that for each IP.

You can always do 'man tcpdump' or 'man grep' if you want to do or know 
more.

You could also try ethereal.  I would use either one of these instead of 
modifying the firewall, unless you have good reason to not use these 
programs.  I hope that helps.  Check out 'man iptables' to see what 
iptables offers.

Chris

Michelle Konzack wrote:

>Hello, 
>
>I am using Debian GNU/Linux 3.0r2 WOODY and have installed the 'ulogd' 
>Packge. 
>
>I like to log the traffic in my ADSL-Interface ppp0 
>But I do not know, HOW !
>
>All tries are faild.
>
>Can anone tell me the rule ?
>
>Oh yes, is it possibel to log the traffic from ppp0 to a 
>specified IP-Adress inside my Network in a seperated file ?
>
>I like to have for each IP/Server (26 complet) in my private 
>network a logfile.
>
>Thanks
>Michelle
>
>  
>

next prev parent reply	other threads:[~2004-01-21  1:12 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-01-21  0:40 ULOG Michelle Konzack
2004-01-21  1:12 ` XiChimos [this message]
2004-01-21  8:04   ` ULOG Klemen Kecman
2004-01-21  9:38 ` ULOG bino-psn
2004-01-22 13:53   ` ULOG Michelle Konzack
2004-01-22 15:16 ` ULOG Michelle Konzack
  -- strict thread matches above, loose matches on Subject: below --
2004-01-20 15:50 ULOG Michelle Konzack

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=400DD1E6.4060706@plobe.com \
    --to=xichimos@plobe.com \
    --cc=linux4michelle@freenet.de \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.