tracking connections through a Linux firewall
This is a discussion on tracking connections through a Linux firewall within the Linux Networking forums, part of the Linux Forums category; Hi all, I needed help w.r.t. connection tracking on a Linux box running Mandrake 9.1 acting as ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-25-2003
|
|||
|
|||
tracking connections through a Linux firewall
Hi all,
I needed help w.r.t. connection tracking on a Linux box running Mandrake 9.1 acting as a router and firewall (configured through Shorewall). All outbound connections are NATed though the firewall public ip. Inbound connections are only allowed into the DMZ. I need to track down users behind the firewall who are doing long running heavy downloads. Is it possible to get such information from the firewall? For example, can I get info on which connections have been active for the longest time. Or which tcp connections have transported the most number of bytes? /proc/net/ip_conntrack lists the active connections but I cannot get any info on the time the connection has been up, or the amount of data that has transported through it. Any help will be appreciated. Regards, Amit Murthy 
|
Linear Mode
