Grant Taylor wrote: > I suppose you could augment the connection tracking code to log when it > expired a tracked connection. You could at least get the end of a > connection this way. However this is probably kernel coding. No kernel coding needed, it already generates netlink events. You just need to listen for this event in userspace and log it from there. - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
