forwarding as a gateway, logging certain traffic
Bart Silverstrim
bsilver at chrononomicon.com
Tue Sep 12 13:47:36 PDT 2006
On Sep 12, 2006, at 4:45 PM, Chuck Swiger wrote:
> On Sep 12, 2006, at 1:37 PM, Bart Silverstrim wrote:
>>> Better to use something like:
>>>
>>> ipfw add 1 log tcp from any to me 25 setup
>>>
>>> If Bart would like to use tcpdump for the same purpose, consider
>>> running something like:
>>>
>>> tcpdump -nt 'port 25 and (tcp[tcpflags] & tcp-syn != 0)'
>>
>> Maybe my ipfw is old; it kept telling me that "log" is an invalid
>> action. However, I think I may be able to get the tcpdump idea to
>> work.
>
> There's a kernel option you need to enable for IPFW to do logging.
> If you're kldload'ing the ipfw module, it probably wasn't compiled
> with IPFW_LOGGING or whatever the exact name is.
I had set the verbosity (I think that was the parameter) from
googling around earlier, but that doesn't seem to help. I'm probably
missing an option somewhere else.
But you're right...tcpdump will be my friend :-)
More information about the freebsd-questions
mailing list