Re: [PATCHv2] netfilter: audit target to record accepted/dropped packets
On Fri, Jan 14, 2011 at 2:18 PM, Jan Engelhardt <jengelh(a)medozas.de> wrote:
(The reason for audit's existence still eludes me..)
audit exists because a very large number of gov't customers (Not just
USA) have special requirements about how 'relevant' information is
gathered and stored. They require centralization and standardization
and require pretty formal documentation describing it's operation.
The gov't certification authority has recently added a requirement
that they be able to log 'illegal attempted network connections' via
the approved audit facility. Thus, this patch.
-Eric