forwarding as a gateway, logging certain traffic
Chuck Swiger
cswiger at mac.com
Tue Sep 12 13:31:01 PDT 2006
On Sep 12, 2006, at 1:08 PM, Bill Moran wrote:
>> Is there some way to get the FreeBSD system to log machines using
>> port 25 without interfering with the FreeBSD machine's filtering of
>> email function? Or at least make the traffic visible to sniffing
>> with tcpdump or wireshark or ethereal?
>
> Off the top of my head ...
> ipfw add 25 log tcp from any to any 25
> should work. There are certain kernel configs you have to have in
> place for logging to work, though.
Better to use something like:
ipfw add 1 log tcp from any to me 25 setup
If Bart would like to use tcpdump for the same purpose, consider
running something like:
tcpdump -nt 'port 25 and (tcp[tcpflags] & tcp-syn != 0)'
--
-Chuck
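An added example, not part of the original thread: once a logging rule like the ones above is in place, this summarizes which hosts opened SMTP connections through the gateway. The function names, the sample lines and the assumed log layout (`ipfw: <rule> <Action> TCP <src>:<port> <dst>:<port> in|out via <if>`) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: count SMTP connection attempts per source host from ipfw
# log lines. Assumed layout (an assumption, matching the samples below):
#   <syslog prefix> ipfw: <rule> <Action> TCP <src>:<sport> <dst>:<dport> in|out via <if>

# Constructed sample input; none of these lines come from a real system.
sample_log() {
    cat <<'EOF'
Sep 12 13:31:01 gw kernel: ipfw: 1 Count TCP 192.168.1.23:49152 203.0.113.10:25 in via fxp0
Sep 12 13:31:01 gw kernel: ipfw: 1 Count TCP 192.168.1.23:49152 203.0.113.10:25 out via fxp1
Sep 12 13:31:05 gw kernel: ipfw: 1 Count TCP 192.168.1.23:49153 198.51.100.7:25 in via fxp0
Sep 12 13:31:09 gw kernel: ipfw: 1 Count TCP 192.168.1.40:50211 203.0.113.10:25 in via fxp0
Sep 12 13:31:12 gw kernel: ipfw: 1 Count TCP 192.168.1.40:50212 203.0.113.10:80 in via fxp0
Sep 12 13:32:00 gw sshd[812]: Accepted publickey for admin from 192.168.1.2 port 50000 ssh2
EOF
}

# Reads log lines on stdin, prints "<count> <source-ip>", busiest host first.
smtp_sources() {
    awk '
    {
        # Find the "ipfw:" token; its position depends on the syslog prefix.
        for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
        if (i > NF || $(i + 3) != "TCP") next

        # A forwarded packet can be logged on both the inbound and the
        # outbound pass; count the inbound pass only to avoid doubling.
        if ($(i + 6) != "in") next

        src = $(i + 4)
        dport = $(i + 5)
        sub(/^.*:/, "", dport)          # keep only the destination port
        if (dport != "25") next

        sub(/:[0-9]+$/, "", src)        # drop the ephemeral source port
        count[src]++
    }
    END { for (s in count) print count[s], s }
    ' | sort -k1,1nr -k2,2
}

sample_log | smtp_sources
```

On a live gateway, pipe the file that syslog writes ipfw messages to (typically `/var/log/security` on FreeBSD) into `smtp_sources` instead of `sample_log`.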
More information about the freebsd-questions mailing list