We have a monitor server in place which we use to get flow information. Currently libpcap-based is in use, but it would be nice to be able to use ULOG or NFLOG for this. The challenge is that the monitor-server does not actually forward any packets. It is connected to a mirror-port on a switch, so that it is able to see all traffic. However, the traffic does not show up in any netfilter chains, because no routing or bridging is in place on the monitor server. Is there a way to catch incoming traffic which is neither INPUT nor FORWARD with netfilter? /Benny -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
