| 1234567891011121314151617181920212223242526272829 |
- This target provides logging of matching packets. When this target is
- set for a rule, the Linux kernel will pass the packet to the loaded
- logging backend to log the packet. This is usually used in combination
- with nfnetlink_log as logging backend, which will multicast the packet
- through a
- .IR netlink
- socket to the specified multicast group. One or more userspace processes
- may subscribe to the group to receive the packets. Like LOG, this is a
- non-terminating target, i.e. rule traversal continues at the next rule.
- .TP
- \fB\-\-nflog\-group\fP \fInlgroup\fP
- The netlink group (0 - 2^16\-1) to which packets are (only applicable for
- nfnetlink_log). The default value is 0.
- .TP
- \fB\-\-nflog\-prefix\fP \fIprefix\fP
- A prefix string to include in the log message, up to 64 characters
- long, useful for distinguishing messages in the logs.
- .TP
- \fB\-\-nflog\-range\fP \fIsize\fP
- The number of bytes to be copied to userspace (only applicable for
- nfnetlink_log). nfnetlink_log instances may specify their own
- range, this option overrides it.
- .TP
- \fB\-\-nflog\-threshold\fP \fIsize\fP
- Number of packets to queue inside the kernel before sending them
- to userspace (only applicable for nfnetlink_log). Higher values
- result in less overhead per packet, but increase delay until the
- packets reach userspace. The default value is 1.
- .BR
|
