Le mer 27/08/2003 Ã 19:41, Stef Coene a Ãcrit : > On Wednesday 27 August 2003 19:31, hare ram wrote: > > Hi Stef > > > If you really want it very detailed (src/dst - address/port), you indeed have > to log it to mysql or so. > You can calulcate the number of updates you have to do mysql and simulate this > on a test box. As the mark you can put on the packet is quiet long you can use a mask system : [IP user][proto]. Next the script has only to split the information contained in the mark. That's add a multiplicative factor to the number of rules but that's all. So no need to use mysql. By the way you will need use connmark to track non linear protocol like ftp. BR, -- Eric Leblond Nufw : http://www.nufw.org
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
