Grant Taylor wrote: > Ok, it must have been a very long day. How and where would you listen > to said netlink events? Or are you referring to some sort of daemon > that would behave like a user space filtering application via netlink? ulogd2 has support for listening to the events, although I haven't tested it recently. Look for the flow logging options. You could also use the 'conntrack' tool to monitor them, and pipe that to a log file. This is purely about connection tracking, not filtering, so you can't match up these events with the filter rule that accepted it, unless you encode that in the mark or something. It will only get events for connections that are accepted by filtering though. - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
