💻 Software

With Linux iptables, is it possible to log the process/command name that initiates an outbound connection?

Fresh7 days ago

Mar 15, 202627661 views

Confidence Score0%

Problem

I would like to keep track of the processes that initiate outbound connections on a Linux desktop. The best I can come up with is this: This logs the uid/gid that initiates the connection, but not the process/command name or even the pid. If I could just get the pid, I could probably whip up a scri…

Error Output

iptables -A OUTPUT -m state --state NEW -j LOG --log-uid

Unverified for your environment

Select your OS to check compatibility.

Your OS

OS version

Product version

1 Fix

Canonical Fix

Unverified Fix

New Fix – Awaiting Verification

Fix for: With Linux iptables, is it possible to log the process/command name that initiates an outbound connection?

Low Risk

You want the owner match module, which only works on the OUTPUT chain (and maybe PREROUTING...?). Read the docs, but it will work something like this:

Awaiting Verification

Be the first to verify this fix

With Linux iptables, is it possible to log the process/command name that initiates an outbound connection?

Problem

Error Output

1 Fix

Fix for: With Linux iptables, is it possible to log the process/command name that initiates an outbound connection?

Environment