Hi guys.

I am trying to think of an LKM which could have a general hook, in the sense that whatever iptables defines from user space, this hook will catch when a rule is hit (every rule) and will log it (KERN_INFO). I do not want to define an NFLOG for each rule (that would be tedious, especially on a machine dedicated as a firewall, for example). Is this even possible?

The general purpose is to have a method of tracking all packets in order to see what chains/rules are hit. This will make it possible to observe the routes some packets take when they travel through the firewall's layout.

The kernel is a 2.6.32.x one.

Thank you for any feedback or input, gratefully appreciated.

--
; Alexandru Gheorghe
; alghe.global {at} gmail {dot} com
; OpenPGP key ID 0xCAF985D2