i need to log all traffic that is being created by a specific uid
the box have multiple nic's if it matters.
the uid dosent belong to a real system user with shell but will show up like #405 in ps where 405 is a uid in a chrooted /ftpd/etc/passwd
where do i start?
i need a full explenation since i dont really have time to read everything on the subject.