Display Filter Reference: Linux Netfilter NFLOG

Protocol field name: nflog

Versions: 1.8.0 to 3.2.2

Back to Display Filter Reference

Field name Description Type Versions
nflog.encoding Encoding Unsigned integer, 4 bytes 1.8.0 to 1.10.14
nflog.family Family Unsigned integer, 1 byte 1.8.0 to 3.2.2
nflog.gid GID Signed integer, 4 bytes 1.8.0 to 3.2.2
nflog.hook Netfilter hook Unsigned integer, 1 byte 2.4.0 to 3.2.2
nflog.ifindex_indev IFINDEX_INDEV Unsigned integer, 4 bytes 2.4.0 to 3.2.2
nflog.ifindex_outdev IFINDEX_OUTDEV Unsigned integer, 4 bytes 2.4.0 to 3.2.2
nflog.ifindex_physindev IFINDEX_PHYSINDEV Unsigned integer, 4 bytes 2.4.0 to 3.2.2
nflog.ifindex_physoutdev IFINDEX_PHYSOUTDEV Unsigned integer, 4 bytes 2.4.0 to 3.2.2
nflog.prefix Prefix Character string 1.8.0 to 3.2.2
nflog.protocol HW protocol Unsigned integer, 2 bytes 2.4.0 to 3.2.2
nflog.res_id Resource id Unsigned integer, 2 bytes 1.8.0 to 3.2.2
nflog.timestamp Timestamp Date and time 1.8.0 to 3.2.2
nflog.tlv TLV Sequence of bytes 1.8.0 to 3.2.2
nflog.tlv_length Length Unsigned integer, 2 bytes 1.8.0 to 3.2.2
nflog.tlv_type Type Unsigned integer, 2 bytes 1.8.0 to 3.2.2
nflog.tlv_value Value Sequence of bytes 1.8.0 to 3.2.2
nflog.uid UID Signed integer, 4 bytes 1.8.0 to 3.2.2
nflog.version Version Unsigned integer, 1 byte 1.8.0 to 3.2.2
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ AppResponse 11
  • • Full stack analysis – from packets to pages
  • • Rich performance metrics & pre-defined insights for fast problem identification/resolution
  • • Modular, flexible solution for deeply-analyzing network & application performance
Learn More