Patch to enable our tcpdump to handle CARP
Arnaud Lacombe
lacombar at gmail.com
Thu Oct 20 18:40:34 UTC 2011
Hi,
On Thu, Oct 20, 2011 at 12:12 PM, Kevin Wilcox <kevin.wilcox at gmail.com> wrote:
> On 19 October 2011 16:20, George Neville-Neil <gnn at neville-neil.com> wrote:
>
>> I've been trying to debug CARP problems of late. I noticed that our tcpdump didn't have CARP
>> support. I took and fixed some code from OpenBSD so that our tcpdump can work with
>> CARP. Unlike OpenBSD you have to specify -T carp to read carp packets. In their version
>> you specify -T VRRP, because they don't like VRRP. I decided that we should go with
>> what most of the industry cares about rather than what OpenBSD cares about.
>
> Additionally, Daniel Hartmeier posted a significant patch to
> freebsd-questions@ for pf+tcpdump earlier this year that added support
> for the pfsync device. I've been using it in production on firewalls
> with 125k pps average to track NAT translations for a /17 and it's
> been of endless utility since pf doesn't offer the translation logging
> you see on some commercial devices.
>
any URL about the patch in question ? I cannot find anything in the
recent archives of freebsd-questions@
Thanks,
- Arnaud
More information about the freebsd-net
mailing list