Re: native recording of all network connections on freebsd

From: Lyndon Nerenberg (VE7TFX/VE6BBM) <lyndon_at_orthanc.ca>
Date: Thu, 29 Dec 2022 01:22:05 UTC
Dan Mack writes:

> I'm wondering if anyone can help point me at a good way to continuously
> capture every inbound and outbound connection made to a freebsd system. 

Assuming "connection" means "log every TCP connection setup", probably
the quickest way is to tcpdump every TCP packet with both SYN and
ACK set.  That will log one packet for every TCP connection that
is established with the system. It won't capture anything for
connection attempts that fail. If you want that as well, just log
everything with SYN set.

If you do the latter you will also collect the background noise
from people port scanning you and attempting other nefarious deeds.

--lyndon
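
An added example, not part of the original message: the two matches described above (SYN and ACK both set, versus anything with SYN set), applied to constructed IPv4 packets to show what each one logs for a completed handshake and for a refused attempt. The addresses, ports and helper names are assumptions made for the illustration; the two strings are the pcap-filter expressions for the same matches, as they would be passed to tcpdump.

```python
import struct

TH_SYN, TH_RST, TH_ACK = 0x02, 0x04, 0x10

# pcap-filter expressions equivalent to the two predicates below.
BPF_ESTABLISHED = "tcp[tcpflags] & (tcp-syn|tcp-ack) == (tcp-syn|tcp-ack)"
BPF_ALL_SYN = "tcp[tcpflags] & tcp-syn != 0"

def make_packet(src, dst, sport, dport, flags):
    """Build a minimal IPv4+TCP packet (constructed sample, checksums left 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 65535, 0, 0)
    return ip + tcp

def tcp_flags(pkt):
    """Return the TCP flags byte, or None if not IPv4/TCP or truncated."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    ihl = (pkt[0] & 0x0F) * 4      # IP options shift the start of the TCP header
    if ihl < 20 or len(pkt) < ihl + 14:
        return None
    return pkt[ihl + 13]           # flags are at offset 13 of the TCP header

def matches_established(pkt):
    """SYN and ACK both set: the reply that completes a connection setup."""
    f = tcp_flags(pkt)
    return f is not None and (f & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)

def matches_any_syn(pkt):
    """Anything with SYN set: also catches attempts that never complete."""
    f = tcp_flags(pkt)
    return f is not None and (f & TH_SYN) != 0

# Constructed traffic: one completed handshake, one attempt refused with RST.
SAMPLE = [
    make_packet("198.51.100.7", "192.0.2.10", 40000, 22, TH_SYN),
    make_packet("192.0.2.10", "198.51.100.7", 22, 40000, TH_SYN | TH_ACK),
    make_packet("198.51.100.7", "192.0.2.10", 40000, 22, TH_ACK),
    make_packet("203.0.113.9", "192.0.2.10", 40001, 23, TH_SYN),
    make_packet("192.0.2.10", "203.0.113.9", 23, 40001, TH_RST | TH_ACK),
]

def count_logged(packets, predicate):
    return sum(1 for p in packets if predicate(p))

if __name__ == "__main__":
    print("SYN+ACK filter logs:", count_logged(SAMPLE, matches_established))
    print("any-SYN filter logs:", count_logged(SAMPLE, matches_any_syn))
```

With the SYN-only match, an established connection produces two logged packets (the SYN and the SYN+ACK), so lines need to be paired by address and port when counting connections.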