On Thu, 2011-01-06 at 15:07 -0800, Tom Eastep wrote: > > I should point out, however, that what you are doing is a *really* bad > idea (using the LOG target out of accounting).
Probably not as bad as you think. ;-) > Better to use ULOG if you > insist on capturing every packet in and out of the interface. Not every packet. I have "return"s after each packet is accounted for. The log entries I put at the end only end up logging packets which have managed to get missed by any other accounting rule. Those log entries should be the exception and when there is nothing new in the network that is not being accounted for (and needing a new rule in accounting), never hit. Cheers, b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
