Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
March 22, 2006, 6:39 am
rate this thread
there any way to extract destination address from TCP SYN packet using
I have seen some perl scripts extracting destination and source
addresses from DNS packets but if i can do that with iptables alone, it
would save considerable amount of my project time !
Re: iptables: needs to extract destination addr from Tcp syn packet
You can write such information to the log using netfilter. Use -j LOG --
log-prefix "ZZZZZZZZZZZ" where the ZZZZZZZZ bit is any text you like to
make it easy to locate the messages. Here is a log message example for a
new LPR type SYN packet which was logged using -j LOG --log-prefix "NETF-
Mar 23 14:40:46 myfirewall kernel: NETF-NEW IN=eth0 OUT=eth1 SRC=a.b.c.d
DST=w.x.y.z LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=21846 DF PROTO=TCP SPT=721
DPT=515 WINDOW=16384 RES=0x00 SYN URGP=0
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security