This is discussed in the openbsd pf page http://www.openbsd.org/faq/pf/logging.html#syslog
On 5/22/06, Albert Shih <[EMAIL PROTECTED]> wrote:
Le 22/05/2006 à 16:59:02+0300, Iantcho Vassilev a écrit > On 5/22/06, Albert Shih <[EMAIL PROTECTED]> wrote: > > When you write your rules, you put "log" in them.. > > > example: > pass in quick log proto tcp from any to any keep state > > > then you have to have pflogd started(pflog_enable="YES" in /etc/rc.conf). > > When pflog is started your binary log is lcated on /var/log/pflog > > you can read it witH: > tcpdump -n -t -r /var/log/pflog > > if you want real time(because pflog is where is written with some delay) > tcpdump -n -t -i pflog0 Thanks. But I known this thing. The problem is with this method the log is first write on the hard-disk. And I don't want do that (well I don't like...) I prefer the pflogd directly log to a central server. It's possible ? Regards. -- Albert SHIH Universite de Paris 7 (Denis DIDEROT) U.F.R. de Mathematiques. 7 ième étage, plateau D, bureau 10 Heure local/Local time: Mon May 22 16:08:02 CEST 2006 _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
