monitoring IP traffic
Claude Jones
claude_jones at levitjames.com
Sat Aug 20 12:46:15 UTC 2005
On Saturday 20 August 2005 8:33 am, Rakotomandimby Mihamina wrote:
> On Sat, 2005-08-20 at 07:36 -0400, Claude Jones wrote:
> > 1) Pull up a log and look at recent traffic - what's passing, what's
> > been denied
> > 2) Open a window that shows this 'live' - in other words, execute some
> > command that leads to the outside world, and watch what the firewall does
> > What are the appropriate tools?
>
> iptables.
> You can use "-j ULOG" or "-j LOG" then the information about matching
> packets is logged.
> They are not terminating rules, so that you can safely do anything, but
> keep in mind that some could bloat your logfile with it...
>
Thanks for your reply. I'm afraid I didn't phrase my question clearly. I'm
already generating logs. Logwatch dutifully sends me a report each night at 4
am. I'm also running epylog which also generates a nightly report. I want to
be able to look at the logs at any given time - where do I find these? How do
I view them? And how can I watch traffic in 'real time' as it's passing?
--
Claude Jones
Bluemont, VA, USA
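
The "-j LOG" target mentioned in the quoted reply writes one kernel log line per matching packet as KEY=value fields. As an added example (not part of the original message or of any project's code), the Python below parses such lines and tallies them by rule prefix, source, protocol and destination port. The sample lines, the addresses and the prefixes "FW-DROP: " and "FW-ACCEPT: " are constructed; it assumes the LOG rules were given a prefix with --log-prefix.

```python
import re
from collections import Counter

# Constructed sample lines in the format the iptables LOG target emits.
# The prefixes "FW-DROP: " and "FW-ACCEPT: " are assumptions (they would be set
# with --log-prefix on the LOG rules); addresses are documentation ranges.
SAMPLE = """\
Aug 20 08:41:02 host kernel: FW-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 20 08:41:05 host kernel: FW-ACCEPT: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.25 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1234 DF PROTO=TCP SPT=33010 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 20 08:41:09 host kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=78 TOS=0x00 PREC=0x00 TTL=52 ID=4712 PROTO=UDP SPT=5353 DPT=137 LEN=58
Aug 20 08:41:10 host sshd[812]: unrelated line that must be skipped
"""

# "kernel: ", an optional "[ 123.456] " uptime stamp, the rule's prefix, then IN=...
LINE = re.compile(r"kernel: (?:\[\s*[\d.]+\] )?(?P<prefix>.*?)\s*IN=(?P<rest>.*)$")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Return the fields of one LOG line as a dict, or None for other lines."""
    m = LINE.search(line)
    if m is None:
        return None
    fields = {}
    for key, value in FIELD.findall("IN=" + m.group("rest")):
        fields.setdefault(key, value)  # UDP repeats LEN; keep the IP-level one
    fields["prefix"] = m.group("prefix").rstrip(": ") or "(no prefix)"
    return fields

def summarize(text):
    """Count packets per (prefix, source, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f:
            counts[(f["prefix"], f.get("SRC"), f.get("PROTO"), f.get("DPT"))] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```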