On Tue, Apr 17, 2001 at 08:46:12AM +1000, David Findlay wrote:
> On Monday 16 April 2001 10:40, you wrote:
> > Perhaps I misunderstand what it is exactly you are trying to do,
> > but I would think that this could be done entirely in userland by
> > software that just adds rules for you instead of you having to do
> > it manually.
>
> I suppose, but it would be so much easier if the kernel did it automatically.
> Having a rule to go through for each IP address to be logged would be slower
> than implementing one rule that would log all of them. Doing this in the
> kernel would improve preformance.
Perhaps "netflow" would be an answer ?
It is cisco idea for collecting accounting data for
network flows. System has a cache of flows for
which it collects data, and once the cache overflows
(or flow times out), data is sent to designated flow
collection server(s).
http://www.cisco.com/warp/public/cc/pd/iosw/ioft/neflct/tech/napps_wp.htm
> David
/Matti Aarnio
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 15 2001 - 21:00:24 EST