ULOG is the netfilter/iptables logging daemon. It connects to the Linux kernel's netlink device and reads the messages that netfilter queues through the iptables ULOG target. It can output to plain text, MySQL, Postgres and PCAP.
Install with:
apt-get install ulogd-pcap
Configure ulogd to output in PCAP format:
vim /etc/ulogd.conf
Un-comment plugin="/usr/lib/ulogd/ulogd_PCAP.so", restart ulog, then add a log rule to iptables before the final drop rule:
-A INPUT -j ULOG
The PCAP log file should be located at /var/log/ulog/pcap.log
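An added example (not part of the original post) that checks the two manual steps above: that the PCAP plugin line is un-commented, and that the ULOG rule sits before the final unconditional DROP in the INPUT chain, where it can still see packets. The function names are hypothetical and the sample config and rule files are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
PLUGIN='plugin="/usr/lib/ulogd/ulogd_PCAP.so"'   # the line quoted in the post

# Un-comment the PCAP plugin line in config file $1 (safe to run twice).
# Succeeds only if the line is active afterwards.
enable_pcap_plugin() {
    sed "s|^[[:space:]]*#[[:space:]]*\($PLUGIN\)|\1|" "$1" > "$1.new" &&
        cat "$1.new" > "$1" && rm -f "$1.new"
    grep -qxF "$PLUGIN" "$1"
}

# $1 is a rules file in iptables-save format. Succeeds only if the INPUT chain
# has a "-j ULOG" rule before its unconditional "-j DROP" rule; a ULOG rule
# placed after that DROP never sees a packet.
ulog_before_drop() {
    awk '$1 == "-A" && $2 == "INPUT" {
             if ($0 == "-A INPUT -j DROP") exit      # stop at the final drop
             if ($0 ~ /-j ULOG( |$)/) found = 1
         }
         END { exit(found ? 0 : 1) }' "$1"
}

# Constructed sample inputs written into directory $1 (not real system files).
make_samples() {
    printf '%s\n' '# constructed sample config' "#$PLUGIN" > "$1/ulogd.conf"
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -j ULOG' '-A INPUT -j DROP' 'COMMIT' > "$1/good.rules"
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -j DROP' '-A INPUT -j ULOG' 'COMMIT' > "$1/bad.rules"
}

# Demo run on the constructed samples.
tmp=$(mktemp -d) && make_samples "$tmp"
enable_pcap_plugin "$tmp/ulogd.conf" && echo "ulogd.conf: PCAP plugin enabled"
ulog_before_drop "$tmp/good.rules" && echo "good.rules: ULOG precedes DROP"
ulog_before_drop "$tmp/bad.rules" || echo "bad.rules: ULOG is after DROP"
rm -rf "$tmp"
```

On a live host, save the output of iptables-save to a file and pass that file to ulog_before_drop.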
23 Mar 2014
Website Last Updated on 4 Oct 2024 (CC BY-SA 4.0)