Determine which user started tcp connection
Artem Kuchin
artem at artem.ru
Sun Nov 29 19:56:26 UTC 2015
29.11.2015 22:53, darwinsurvivor at gmail.com пишет:
> I don't know about ipfw, but it can probably be done by monitoring netstat
> and looking at the UID of the process that made the connection.
Will not work. The connection lasts only a fraction of a second. I
cannot catch it
manually.
>
> On Sun, Nov 29, 2015 at 7:15 AM, Artem Kuchin <artem at artem.ru> wrote:
>
>> Hello!
>>
>> I have a jail with shared hosting. Many sites are hosted. Each on its own
>> user.
>> I want to monitor their external connections. I allow external connections
>> but want to
>> see what's going on.
>> IPFW allowes easily to see all outgoing connection setups from jail, but i
>> cannot
>> see which user started it.
>> I googled and i see that requests to add UID to IPFW log were first in
>> 2008 but
>> i still do not see it in the version 10.
>>
>> So, is there a way to log UID and connection params (dst ip and port) ?
>>
>> Artem
>>
>>
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "
>> freebsd-questions-unsubscribe at freebsd.org"
>>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list