From: Benny Amorsen <benny+usenet@amorsen.dk>
To: netfilter@vger.kernel.org
Subject: ULOG/NFLOG on a non-forwarding machine
Date: Tue, 23 Sep 2008 11:50:07 +0200 [thread overview]
Message-ID: <m38wtjur74.fsf@ursa.amorsen.dk> (raw)
We have a monitor server in place which we use to get flow
information. Currently libpcap-based is in use, but it would be nice
to be able to use ULOG or NFLOG for this.
The challenge is that the monitor-server does not actually forward any
packets. It is connected to a mirror-port on a switch, so that it is
able to see all traffic. However, the traffic does not show up in any
netfilter chains, because no routing or bridging is in place on the
monitor server.
Is there a way to catch incoming traffic which is neither INPUT nor
FORWARD with netfilter?
/Benny
next reply other threads:[~2008-09-23 9:50 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-23 9:50 Benny Amorsen [this message]
2008-09-24 2:57 ` ULOG/NFLOG on a non-forwarding machine Grant Taylor
2008-09-25 9:07 ` Benny Amorsen
2008-09-25 14:05 ` Grant Taylor
2008-09-26 0:43 ` Philip Craig
2008-09-27 13:42 ` Benny Amorsen
2008-10-02 8:44 ` Покотиленко Костик
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m38wtjur74.fsf@ursa.amorsen.dk \
--to=benny+usenet@amorsen.dk \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox