[CentOS] log outbound port 80 connections
Tony Schreiner
schreian at bc.edu
Tue Feb 5 17:11:57 UTC 2008
On Feb 5, 2008, at 12:00 PM, Ray Van Dolson wrote:
> On Tue, Feb 05, 2008 at 11:56:48AM -0500, Tony Schreiner wrote:
>> Is there a way to log outbound connections to a specific port (80)?
>> CentOS 4.6.
>>
>> iptables?
>>
>
> iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix "WWW "
>
> You might want to tack --syn on there as well to only log the packet
> initiating the connection instead of packets for the whole stream.
>
> Ray
Thanks for that.
Followup. Can I associate anything in the log record with the
process. I see the SPT but, the connection appears to be short, I
can't find the port in netstat or lsof (not sure if those apply to
source ports).
Tony
More information about the CentOS
mailing list