You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33 lines
1.4 KiB
33 lines
1.4 KiB
4 months ago
|
This target provides logging of matching packets. When this target is
|
||
|
|
set for a rule, the Linux kernel will pass the packet to the loaded
|
||
|
|
logging backend to log the packet. This is usually used in combination
|
||
|
|
with nfnetlink_log as logging backend, which will multicast the packet
|
||
|
|
through a
|
||
|
|
.IR netlink
|
||
|
|
socket to the specified multicast group. One or more userspace processes
|
||
|
|
may subscribe to the group to receive the packets. Like LOG, this is a
|
||
|
|
non-terminating target, i.e. rule traversal continues at the next rule.
|
||
|
|
.TP
|
||
|
|
\fB\-\-nflog\-group\fP \fInlgroup\fP
|
||
|
|
The netlink group (0 - 2^16\-1) to which packets are (only applicable for
|
||
|
|
nfnetlink_log). The default value is 0.
|
||
|
|
.TP
|
||
|
|
\fB\-\-nflog\-prefix\fP \fIprefix\fP
|
||
|
|
A prefix string to include in the log message, up to 64 characters
|
||
|
|
long, useful for distinguishing messages in the logs.
|
||
|
|
.TP
|
||
|
|
\fB\-\-nflog\-range\fP \fIsize\fP
|
||
|
|
This option has never worked, use --nflog-size instead
|
||
|
|
.TP
|
||
|
|
\fB\-\-nflog\-size\fP \fIsize\fP
|
||
|
|
The number of bytes to be copied to userspace (only applicable for
|
||
|
|
nfnetlink_log). nfnetlink_log instances may specify their own
|
||
|
|
range, this option overrides it.
|
||
|
|
.TP
|
||
|
|
\fB\-\-nflog\-threshold\fP \fIsize\fP
|
||
|
|
Number of packets to queue inside the kernel before sending them
|
||
|
|
to userspace (only applicable for nfnetlink_log). Higher values
|
||
|
|
result in less overhead per packet, but increase delay until the
|
||
|
|
packets reach userspace. The default value is 1.
|
||
|
|
.BR
|