On 2009/01/10 22:11, Helmut Schneider wrote: > > I'm running pf on an IPv6 gateway. I use 'tcpdump -n -e -ttt -r > /var/log/pflog' to see the pf traffic: > > Jan 10 21:49:02.181784 rule 36/(match) pass in on xl0: > 192.168.0.1.55206 > 192.168.0.2.161: GetRequest(9)[|snmp] > Jan 10 21:49:05.223501 rule 150/(match) pass out on bge0: > 2001:db8::1.63602 > 2001:db8::2.53:[|domain] [flowlabel 0xd2238] > > I now would like to see live action so I thought I analogous can use > 'tcpdump -n -e -ttt -i pflog0' which however prints a different > output: > > Jan 10 21:52:45.355937 rule 36/(match) pass in on xl0: > 192.168.0.1.49215 > 192.168.0.2.161: [|snmp] > Jan 10 21:52:45.821927 rule 150/(match) pass out on bge0: [|ip6] > > What do I have to do to see the detailed live output? I at least want > to see a detailed IPv6 output.
Increase the snaplen (-s).
