03-08-2006, 06:13 AM
|
#1
|
Member
Registered: Feb 2006
Location: UK
Distribution: CentOS 5.5
Posts: 46
Rep:
|
iptables - viewing live log
How can I view, through SSH, the data going through my iptables firewall? I know this can be done as I have done it before but I am currently having a bit of a mental block!
Thanks.
|
|
|
03-08-2006, 06:59 AM
|
#2
|
Member
Registered: Apr 2004
Posts: 194
Rep:
|
Hi
You can use the iptstate command. It shows exactly what is happening through the iptables rules.
|
|
|
03-08-2006, 07:32 AM
|
#3
|
Member
Registered: Feb 2006
Location: UK
Distribution: CentOS 5.5
Posts: 46
Original Poster
Rep:
|
How do I use that?
Thanks.
|
|
|
03-13-2006, 04:44 AM
|
#4
|
Member
Registered: Feb 2006
Location: UK
Distribution: CentOS 5.5
Posts: 46
Original Poster
Rep:
|
Anybody able to help me with the usage of ipstate?
Thanks.
|
|
|
03-13-2006, 05:11 AM
|
#5
|
Moderator
Registered: May 2001
Posts: 29,415
|
Download tool, read man page, try. *Then* ask.
|
|
|
03-13-2006, 05:15 AM
|
#6
|
Member
Registered: Feb 2006
Location: UK
Distribution: CentOS 5.5
Posts: 46
Original Poster
Rep:
|
Appear to have ipstate installed as it is located in /dev/ipstate. The problem is that when I run /dev/ipstate --help I get a Permission Denied error even though I am logged in as root.
I don't think that ipstate is what I am after anyway as I have been able to look at the live data going through the iptables firewall before but simply can't remember how I did it.
BTW - I HAVE looked at google and through this forum for ipstate help but have had no luck in finding anything.
|
|
|
03-13-2006, 05:22 AM
|
#7
|
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141
Rep: 
|
|
|
|
03-13-2006, 05:38 AM
|
#8
|
Moderator
Registered: May 2001
Posts: 29,415
|
Appear to have ipstate installed as it is located in /dev/ipstate. The problem is that when I run /dev/ipstate --help I get a Permission Denied error even though I am logged in as root.
Iptstate is *not* a device. It's an app, here: http://www.phildev.net/iptstate/.
I don't think that ipstate is what I am after anyway as I have been able to look at the live data going through the iptables firewall before but simply can't remember how I did it.
Iptstate provides a "top"-like view of connections and their state and will allow you to sort traffic by criteria. Tailing your firewall log doesn't compare to what you can do with iptstate.
Last edited by unSpawn; 03-13-2006 at 05:39 AM.
Reason: //have keybd, cant type.
|
|
|
03-13-2006, 06:45 AM
|
#9
|
Member
Registered: Feb 2006
Location: UK
Distribution: CentOS 5.5
Posts: 46
Original Poster
Rep:
|
Have installed iptstate but not really what I was after (thanks though).
What I wanted was to see the information as it comes through the firewall and not the 'top' view.
Any other suggestions?
Thanks.
|
|
|
03-13-2006, 08:10 AM
|
#10
|
Moderator
Registered: May 2001
Posts: 29,415
|
Well, as I said in my previous post, you could use tail -f /some/system/logfile (usually "messages": check /etc/syslog.conf and provided you have "-j LOG" targets defined in your firewall rules). That'll just provide a stream of loglines w/o any coherence unless you're a speedreader with an optimised mental cache :-]
|
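Added example, not part of the thread: a small shell filter that turns the raw "-j LOG" lines from the log-tailing approach in post #10 into one compact line per packet, so the stream stays readable. The `IPT-IN:` prefix, the function names, the log path and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes LOG rules carry a prefix, e.g.
# (as root; "IPT-IN: " is a made-up label, the limit keeps the log from flooding):
#   iptables -I INPUT 1 -m limit --limit 30/min -j LOG --log-prefix "IPT-IN: "
# Live use (log path is an assumption, check /etc/syslog.conf):
#   tail -f /var/log/messages | fw_summary "IPT-IN:"

# fw_summary PREFIX: read syslog lines on stdin, keep those containing PREFIX,
# and print "time iface proto src -> dst" for each logged packet.
fw_summary() {
    awk -v prefix="$1" '
    index($0, prefix) {
        split("", kv)                    # clear the per-line key=value map
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")
            if (eq > 1) kv[substr($i, 1, eq - 1)] = substr($i, eq + 1)
        }
        src = kv["SRC"]; dst = kv["DST"]
        # TCP and UDP lines carry ports; ICMP lines carry TYPE/CODE instead.
        if ("SPT" in kv) { src = src ":" kv["SPT"]; dst = dst ":" kv["DPT"] }
        extra = ("TYPE" in kv) ? " type=" kv["TYPE"] : ""
        printf "%s %s %s %s -> %s%s\n", $3, kv["IN"], kv["PROTO"], src, dst, extra
        fflush()                         # do not buffer behind tail -f
    }'
}

# Constructed sample lines in the kernel LOG-target format (documentation IPs).
sample_log() {
cat <<'EOF'
Mar 13 08:01:12 fw kernel: IPT-IN: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 13 08:01:13 fw crond[2101]: (root) CMD (run-parts /etc/cron.hourly)
Mar 13 08:01:15 fw kernel: IPT-IN: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=3121 SEQ=1
Mar 13 08:01:16 fw kernel: IPT-IN: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=71 TOS=0x00 PREC=0x00 TTL=49 ID=9001 DF PROTO=UDP SPT=40000 DPT=53 LEN=51
EOF
}

# Offline demonstration on the sample lines above.
sample_log | fw_summary "IPT-IN:"
```

Without a log prefix on the rule, pass a string that every firewall line contains, such as `IN=`.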
|
|
03-13-2006, 08:57 AM
|
#11
|
Member
Registered: Feb 2006
Location: UK
Distribution: CentOS 5.5
Posts: 46
Original Poster
Rep:
|
That was what I was after.
Thanks.
|
|
|