logging to another machine

Greg Hennessy Greg.Hennessy at nviz.net
Mon Sep 5 00:26:33 PDT 2005

> 
> tcpdump -i pflog0 -n -e -ttt | logger -p local7.info -h sysloghost
> 
> but that didn't work for some reason. 

Add the '-l' flag to tcpdump and it will. 

~ # ps axww | egrep 'tcpdump|logger'
  428 con- S      0:02.70 tcpdump -s 96 -l -e -t -i pflog0
  429 con- S      0:00.30 logger -p local0.info -t pf

> Regardless it'd be 
> nice to have something less klunky and with less overhead.

It would :-), but it's the best I've found for logging pf to syslog. 


Greg
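
Why `-l` matters, as an added example that is not part of the original post: when stdout is a pipe, output is block-buffered by default, so at low packet rates nothing reaches logger until the buffer fills or the process exits, while `-l` makes tcpdump's stdout line-buffered. The producer below is a constructed stand-in for tcpdump and the sample log line is made up; the script measures how long the reading end of the pipe waits for the first line in each mode.

```python
import os
import subprocess
import sys
import time

# Constructed stand-in for tcpdump: writes one log line, then idles the way a
# capture does while waiting for the next packet. "line" mode flushes after the
# line (the effect of -l); "block" mode leaves it in the stdio buffer.
PRODUCER = r"""
import sys, time
sys.stdout.write("constructed sample: rule 0/0(match): block in on em0\n")
if sys.argv[1] == "line":
    sys.stdout.flush()
time.sleep(float(sys.argv[2]))
"""


def first_line_delay(mode, idle=2.0):
    """Return (line, seconds until the reading end of the pipe received it)."""
    # Drop PYTHONUNBUFFERED so the child keeps its default pipe buffering.
    env = {k: v for k, v in os.environ.items() if k != "PYTHONUNBUFFERED"}
    start = time.monotonic()
    proc = subprocess.Popen(
        [sys.executable, "-c", PRODUCER, mode, str(idle)],
        stdout=subprocess.PIPE,
        env=env,
    )
    line = proc.stdout.readline()  # logger's position in the pipeline
    delay = time.monotonic() - start
    proc.stdout.close()
    proc.wait()
    return line.decode().rstrip(), delay


if __name__ == "__main__":
    for mode in ("block", "line"):
        line, delay = first_line_delay(mode)
        print(f"{mode:5s} buffered: first line after {delay:.2f}s -> {line}")
```

In block mode the line arrives only when the producer exits and its buffer is flushed; in line mode it arrives as soon as it is written.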

More information about the freebsd-pf mailing list