tcpdump of pflog to show pid

Jason Hellenthal jhellenthal at dataix.net
Tue Mar 31 22:58:46 UTC 2015


Run tcpdump -vvve -i pflog0 ??? on a FreeBSD machine ?

Should yield your answer. This isn’t necessarily something to do with tcpdump(8) so much as it is with the inclusion of pf(4) into the FreeBSD kernel. Specific versions of tcpdump(8) and configured options might yield different results. Try base and ports.

On Mar 31, 2015, at 16:28, Joseph Mingrone <jrm at ftfl.ca> wrote:

Hi,

On OpenBSD, a tcpdump of the pflog can show the pid for locally
generated traffic.  PFLOG(4) suggests FreeBSD's pflog also records this
information.  Is that the case?  Can FreeBSD's tcpdump show this
information?

I see a similar question from 2008, but no response.
https://lists.freebsd.org/pipermail/freebsd-pf/2008-April/004307.html

Joseph

- -- 
 Jason Hellenthal
 Mobile: +1 (616) 953-0176
 jhellenthal at DataIX.net
 JJH48-ARIN


