pf & tcpdump
Ian Smith
smithi at nimnet.asn.au
Fri Nov 13 12:42:12 UTC 2009
On Fri, 13 Nov 2009, Stephane D'Alu wrote:
> Is there a way to have tcpdump only showing packed that have pass the
> filtering rules, so to check that firewall rules were correctly written and
> not letting unwanted packets in.
tcpdump sees packets before they're passed to the firewall coming in,
and after the firewall going out. Lack of response to inbound packets
that the firewall is supposed to block is usually a good sign ..
Easiest way to see firewall rules are working is to add logging to them.
cheers, Ian
More information about the freebsd-net
mailing list