On Mon, Jul 16, 2012 at 10:00:13AM +0200, Florian Westphal wrote: > Mr Dash Four <mr.dash.four@xxxxxxxxxxxxxx> wrote: > > The specific reason I raised this issue is because on the main > > firewall we have here, if I deploy ulogd2 and use NFCT at its > > present form, I will get the logs from all 7 interfaces, and it > > would make it an absolutely huge task to sift through all these logs > > and "match" the various entries (OK, doing it through the database > > will help up a bit, but not a lot). > > Try something like > iptables -t raw -A PREROUTING (thingsyoudontwant) -j CT --ctevents related > > (i don't think its possible to disable event delivery completely > at the moment without disabling conntrack ). You can do it via: /proc/sys/net/netfilter/nf_conntrack_events -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
