imweijh · February 8, 2017 08:31
diff --git a/fprobe-ulog.sh b/fprobe-ulog.sh
 设置防火墙，打标签，让fprobe-ulog记录（只处理对外的网卡eth0）
 iptables -I INPUT   -i eth0 -j ULOG --ulog-cprange 48 --ulog-qthreshold 50
 iptables -I OUTPUT  -o eth0 -j ULOG --ulog-cprange 48 --ulog-qthreshold 50
 iptables -I FORWARD -j ULOG --ulog-cprange 48 --ulog-qthreshold 50

 发送给 172.18.20.160:9995
 fprobe-ulog -B4096 -q10000 172.18.20.160:9995

 接收：
 nfcapd -z -w -D -T all -l /var/cache/nfdump -I any -S 2 -P /var/run/nfcapd.allflows.pid

 展示：
 nfdump -R /var/cache/nfdump/ 'dst port 53' -o line
	设置防火墙，打标签，让fprobe-ulog记录（只处理对外的网卡eth0）
	iptables -I INPUT -i eth0 -j ULOG --ulog-cprange 48 --ulog-qthreshold 50
	iptables -I OUTPUT -o eth0 -j ULOG --ulog-cprange 48 --ulog-qthreshold 50
	iptables -I FORWARD -j ULOG --ulog-cprange 48 --ulog-qthreshold 50

	发送给 172.18.20.160:9995
	fprobe-ulog -B4096 -q10000 172.18.20.160:9995

	接收：
	nfcapd -z -w -D -T all -l /var/cache/nfdump -I any -S 2 -P /var/run/nfcapd.allflows.pid

	展示：
	nfdump -R /var/cache/nfdump/ 'dst port 53' -o line