Re: native recording of all network connections on freebsd

2022-12-29 Thread Marek Zarychta

On 29.12.2022 at 02:58, Damjan Jovanovic wrote:



On Wed, Dec 28, 2022 at 4:21 PM Dan Mack  wrote:


I'm wondering if anyone can help point me at a good way to
continuously capture every inbound and outbound connection made to a
freebsd system. I'd prefer a way that is native in base if possible.
I don't really want to record all the packets, just the
src:dest:rport:dport stats.

Happy to RTFM as well,

Dan


Another possibility is to enable Netflow in ipfw (there is an 
ipfw_netflow service), which submits periodic reports of all 
connections made and their data usage, and then collect and process 
the Netflow data using a Netflow server.


Or develop a custom Netgraph service that examines packets and logs 
connections. This would even work in the absence of any firewall.



Such a node exists: ng_netflow(4) and works flawlessly.



--
Marek Zarychta


Re: native recording of all network connections on freebsd

2022-12-29 Thread Juraj Lutter



> On 28 Dec 2022, at 15:28, Sami Halabi  wrote:
> 
> using firewall like ipfw with rule to log any to any would be a start.. for 
> advanced use, stateful fw so you can log start of connections

I would also consider using ng_netflow(4) with, for example, nfsend or even
logstash with netflow input module (and stored into elastic indexes),
visualized by kibana or other tools.


—
Juraj Lutter
o...@freebsd.org
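
An added example, not part of any message in this thread: a minimal collector-side parser that turns NetFlow version 5 export datagrams into the src:dest:sport:dport lines asked for at the top of the thread. It assumes ng_netflow(4) is exporting version 5; the function names and the sample datagram (documentation addresses) are constructed for illustration.

```python
import ipaddress
import struct

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte v5 flow record

def parse_netflow_v5(datagram):
    """Return one dict per flow record; raise ValueError on malformed input."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than NetFlow v5 header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError(f"unsupported NetFlow version {version}")
    # Never trust the count field: check it against the bytes actually received.
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("record count exceeds datagram length")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": str(ipaddress.IPv4Address(f[0])),
            "dst": str(ipaddress.IPv4Address(f[1])),
            "packets": f[5], "bytes": f[6],
            "sport": f[9], "dport": f[10],
            "tcp_flags": f[12], "proto": f[13],
        })
    return flows

def format_flow(flow):
    """Render a flow as src:dest:sport:dport."""
    return "{src}:{dst}:{sport}:{dport}".format(**flow)

def sample_datagram():
    """Constructed test input: two flows, one TCP/443 and one TCP/22."""
    def rec(src, dst, sport, dport, pkts, octets):
        return RECORD.pack(ipaddress.IPv4Address(src).packed,
                           ipaddress.IPv4Address(dst).packed, bytes(4),
                           0, 0, pkts, octets, 0, 0, sport, dport,
                           0, 0x1B, 6, 0, 0, 0, 0, 0, 0)
    body = (rec("192.0.2.10", "198.51.100.5", 51512, 443, 12, 4096)
            + rec("198.51.100.7", "192.0.2.10", 40000, 22, 30, 9000))
    return HEADER.pack(5, 2, 0, 0, 0, 0, 0, 0, 0) + body

if __name__ == "__main__":
    for flow in parse_netflow_v5(sample_datagram()):
        print(format_flow(flow))
```

In a real collector the datagram would come from a UDP socket bound to the port the export hook sends to.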




Re: 14.0-CURRENT panic on boot, i386 VirtualBox client

2022-12-29 Thread Paul Floyd




On 28-12-22 18:12, Ronald Klop wrote:



I've had success to capture errors by recording the screen with my phone 
and playing back on slow speed.
Another option might be to enable serial port for the console of the 
guest and capture the output. But I don't know if the default ISO uses 
that and how hard it is to configure VirtualBox to do that properly.


Hi

I have used my phone before, and I tried that.

The last message with verbose turned on is

isa_probe_children: probing PnP devices
smist: found supported isa bridge Intel PIX4 ISA bridge
panic: td 0x1d94840 stack 0x2424ee8 not in kstack VA 0x242 4



A+
Paul




Re: 14.0-CURRENT panic on boot, i386 VirtualBox client

2022-12-29 Thread Konstantin Belousov
On Thu, Dec 29, 2022 at 09:39:44AM +0100, Paul Floyd wrote:
> 
> 
> On 28-12-22 18:12, Ronald Klop wrote:
> 
> > 
> > I've had success to capture errors by recording the screen with my phone
> > and playing back on slow speed.
> > Another option might be to enable serial port for the console of the
> > guest and capture the output. But I don't know if the default ISO uses
> > that and how hard it is to configure VirtualBox to do that properly.
> 
> Hi
> 
> I have used my phone before, and I tried that.
> 
> The last message with verbose turned on is
> 
> isa_probe_children: probing PnP devices
> smist: found supported isa bridge Intel PIX4 ISA bridge
> panic: td 0x1d94840 stack 0x2424ee8 not in kstack VA 0x242 4
> 
%esp is indeed outside the KVA for the thread stack, assuming the
numbers are accurate.  It should be in range of 0x242 - 0x2424000.
I just checked random boot in qemu for latest GENERIC/i386, and thread0
stack pointer returned by init386() is inside THREAD0_STACK.

The backtrace is needed to make a further analysis.