On Fri, 19 Jan 2001 [EMAIL PROTECTED] wrote:
> AFAIK you cannot log MAC addresses.
sure you can. why not? the data enters your system. you can log any data
that is in your system. its just a matter of the right code.
> On Fri, 19 Jan 2001, jeremy wrote:
> > I was wondering how one could log mac addresses with ipchains.
do it in the kernel:
http://lar2.dyndns.org/~larry/patches/log-ethernet-patch.txt
>From [EMAIL PROTECTED] Mon Feb 14 16:19:58 2000
Date: Sat, 12 Feb 2000 16:34:27 -0800
From: Dragos Ruiu <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Packet Tracing (linux klog patch)
One of the problems that people have is logging the origin of the attack
streams and tracing packet paths through the networks. Here is a small bit
of code that may help you inexpensively deploy some packet loggers at key
network ingress/egress points.
enjoy. no, i do not run this code. it should work on 2.0 and 2.2 (dunno
about 2.4) kernels as eth.c has been pretty stable, dragos told me (i
asked him, he didn't specify a kernel version this patch was for).
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
