ssh/scp filtering, iplen problem
Chuck Swiger
cswiger at mac.com
Sat Sep 20 08:53:46 PDT 2003
Oliver Fromme wrote:
[ ... ]
> If not -- is there any other way to accomplish nwhat I
> want to achieve?
The other poster's suggestion about using port 22 for interactive and some other
port for scp copying is probably the easist.
The next thought I had would be to instrument ssh and log a line indicating the
amount of traffic consumed, perhaps via syslog to a central machine, if you
wanted to monitor traffic for lots of machines rather than just one test server.
A quick look at "ssh -v" suggests that ssh keeps a byte counter, and doing
filecopy invokes ssh on the remote side with a command of "scp -t ..." (so that
you could distinguish between interactive and copying modes within ssh).
--
-Chuck
More information about the freebsd-ipfw
mailing list