LinuxQuestions.org

LinuxQuestions.org (http://www.linuxquestions.org/questions/index.php)
-   Linux - Networking (http://www.linuxquestions.org/questions/forumdisplay.php?f=3)
-   -   HOWTO watch firewall as it works (http://www.linuxquestions.org/questions/showthread.php?t=775432)

SaintDanBert 12-13-2009 06:33 PM

HOWTO watch firewall as it works
 
Now that I have configured my firewall, how do I watch it run?

Is there some sort of tool(s) or log(s) that will show arriving and departing packets movement through the various queues. It would be nice to watch in real-time, but run-log-view batches are good too.

Thanks,
~~~ 0;-Dan

Web31337 12-13-2009 07:41 PM

depending on configuration...
you may watch it working trying to access restricted ports =)

okcomputer44 12-14-2009 02:29 AM

Quote:

Originally Posted by SaintDanBert (Post 3790287)
Now that I have configured my firewall, how do I watch it run?

Is there some sort of tool(s) or log(s) that will show arriving and departing packets movement through the various queues. It would be nice to watch in real-time, but run-log-view batches are good too.

Thanks,
~~~ 0;-Dan

iptraf is your friend.

Try it, you can filter for card(s) port(s) and whatever you want.

And it is real time too.

salasi 12-14-2009 03:21 AM

Quote:

Originally Posted by SaintDanBert (Post 3790287)
...but run-log-view batches are good too.

For that, you can use packet counters, and no tool is necessary. Bit primitive though, depending on how your firewall ruleset is structured, and okcomputer44's suggestion is probably better, unless you intend to leave monitoring in place, long term. Then, the low overhead of packet counting might be valuable


All times are GMT -5. The time now is 11:50 PM.