Re: [PATCH] Add support to log original and NAT-ed IP addresses

On Mon, 20 Apr 2009, Patrick McHardy wrote:

> Jozsef Kadlecsik wrote:
> > On Mon, 20 Apr 2009, Pablo Neira Ayuso wrote:
> > > I wasn't referring to any iptables target. New ulogd2 includes support
> > > for ctnetlink, which can do this. I know, that means the extra libraries
> > > dependencies.
> > 
> > I see. Thanks for the info, good to know that ulogd2 is capable of this.
> > (Calling 'conntrack' for logging looked really ugly. :-)
> 
> In the kernel, we could log the information from the conntrack
> entry, if any. That would allow to log the manips after they
> have been set up.

Yes, but I'd not want an unconditional logging.
 
> Would Pablo's suggestion or the conntrack method work for you?

Oh, it's not for me at all: at a workshop I was asked how to log the info 
(hint: conflicker ;-) and embarrassed enough I had to admit there was no 
easy way. That's why I put together the patch, with all its questionable 
details.

Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary