> No, not using netfilter (unless you wanted to create a rule for each possible > destination, just in case some packets got sent there (but then you'd want to > know what protocol was used, too, so you'd need even more rules....)). > > I suggest you investigate something like iptraf, netwatch or snort. > > Regards, > > Antony. > I have something like 30 clients ... in my LAN . My boss is somehow paranoid and needs "total control" of every bit. I was thinking at something like -A OUTPUT -d !extip !intip !localnet -j LOG and then parse logs and generate reports with some script. but the problem : i am not sure if adding three lines of -j LOG for every destination that i ignore (extip intip and localnet) is a good thing. what will happen with the packet after first line ? thanks in advance, Octavian DANILA
