forwarding as a gateway, logging certain traffic
Chuck Swiger
cswiger at mac.com
Tue Sep 12 13:45:30 PDT 2006
On Sep 12, 2006, at 1:37 PM, Bart Silverstrim wrote:
>> Better to use something like:
>>
>> ipfw add 1 log tcp from any to me 25 setup
>>
>> If Bart would like to use tcpdump for the same purpose, consider
>> running something like:
>>
>> tcpdump -nt 'port 25 and (tcp[tcpflags] & tcp-syn != 0)'
>
> Maybe my ipfw is old; it kept telling me that "log" is an invalid
> action. However, I think I may be able to get the tcpdump idea to
> work.
There's a kernel option you need to enable for IPFW to do logging.
If you're kldload'ing the ipfw module, it probably wasn't compiled
with IPFW_LOGGING or whatever the exact name is.
Anyway, tcpdump should be your friend. :-)
--
-Chuck
More information about the freebsd-questions
mailing list