Hi Joel, > 2 - completely separate netfilter logging from kernel log streams. (not > just redirecting infrequently-used kernel streams, but actual dedicated > netfilter streams) What about including the ability to do a full datastream logging within a fixed [rrd-database] size, e.g. the last 50 Kbyte sent through the netfilter stack, at best also available as an per-connection stream? Or statistics not only about the amount of connections within the netfilter at a certain time, but also to build some averages. Are there already any solutions? Sincerely .\\ichael
