Logging the source port?
Stephane Bortzmeyer <bortzmeyer@nic.fr> Fri, 13 November 2009 05:49 UTC
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F36C3A67FA for <ietf@core3.amsl.com>; Thu, 12 Nov 2009 21:49:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.525
X-Spam-Level:
X-Spam-Status: No, score=-2.525 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1XZFz+D7eOue for <ietf@core3.amsl.com>; Thu, 12 Nov 2009 21:49:23 -0800 (PST)
Received: from mail.bortzmeyer.org (bortzmeyer-1-pt.tunnel.tserv10.par1.ipv6.he.net [IPv6:2001:470:1f12:420::2]) by core3.amsl.com (Postfix) with ESMTP id 33B1D3A67F9 for <ietf@ietf.org>; Thu, 12 Nov 2009 21:49:23 -0800 (PST)
Received: by mail.bortzmeyer.org (Postfix, from userid 10) id 6924995487; Fri, 13 Nov 2009 06:49:50 +0100 (CET)
Received: by horcrux (Postfix, from userid 1000) id D0C28157767; Fri, 13 Nov 2009 14:49:36 +0900 (JST)
Date: Fri, 13 Nov 2009 14:49:36 +0900
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: ietf@ietf.org
Subject: Logging the source port?
Message-ID: <20091113054936.GA1668@laperouse.bortzmeyer.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
X-Transport: UUCP rules
X-Operating-System: Ubuntu 8.10 (intrepid)
User-Agent: Mutt/1.5.18 (2008-05-17)
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Nov 2009 05:49:24 -0000
At the Transport Area meeting, Alain Durand, presenting draft-ford-shared-addressing-issues mentioned that we may well have now to always log the source port of a TCP request, not only the source IP address (which may well be shared), if we want traceability. Does anyone know if it is possible with the typical TCP servers? For instance, I find no way to do it with Apache <http://httpd.apache.org/docs/2.2/mod/mod_log_config.html>.
- Logging the source port? Stephane Bortzmeyer
- Re: Logging the source port? Joel Jaeggli
- Re: Logging the source port? Stephane Bortzmeyer
- Re: Logging the source port? Richard Barnes
- Re: Logging the source port? Arnt Gulbrandsen
- Re: Logging the source port? Stephane Bortzmeyer
- Re: Logging the source port? Stephane Bortzmeyer
- Re: Logging the source port? Arnt Gulbrandsen
- Re: Logging the source port? Arnt Gulbrandsen
- Re: Logging the source port? Phillip Hallam-Baker
- Re: Logging the source port? Phillip Hallam-Baker