Hi
Is it possible to export conntrack data to external log server
We have systems build on redhat, that handles dhcpd, iptables firewalling, trafic shaping etc.
But all this seems that we can do all off this in e.g. a RB1100, but we have one big challenge.
We need, in order to comply with danish terror logging law, to log all connections being made from customers equipment and out to the internet.
We use today : conntrack_udplog - a temporary wrapper script for .libs/conntrack_udplog
Installed pkgs are: libnetfilter_conntrack.tar.gz and libnfnetlink.tar.gz
Simply put, we need data in a format somewhat similar to this below:
Cust.ID timerticks proto src/dst before nat src/dst after nat
9986 1317034995 3 17 src=10.1.6.131 dst=85.218.236.99 sp=61164 dp=35665 pcks=22 b=7197 src=85.218.236.99 dst=91.100.105.109 sp=35665 dp=61164 pcks=29 b=10371
9986 1317034995 1 6 src=10.4.10.100 dst=95.166.16.179 sp=49282 dp=64555 pcks=0 b=0
src=95.166.16.179 dst=91.100.105.109 sp=64555 dp=49282 pcks=0 b=0
Is it possible to script anything similar on the RouterOS ??
Thanks in advance
Steven