cpghost wrote:
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start at the right location.
Using a blocksize (-b) with tail may also not be right,
because the captured packets
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start at the right location.
Using a blocksize (-b) with tail may also not be right,
because the captured packets are not the same size
On Tue, Nov 04, 2008 at 08:13:54PM +0100, cpghost wrote:
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start at the right location.
Using a blocksize (-b) with tail may also
cpghost [EMAIL PROTECTED] wrote:
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start at the right location.
[...]
I'm afraid that in the latter case, every packet
On Tue, Nov 04, 2008 at 07:20:42PM +, Matthew Seaman wrote:
cpghost wrote:
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start at the right location.
Using a blocksize
On Tue, Nov 04, 2008 at 09:22:42PM -0500, Sahil Tandon wrote:
cpghost [EMAIL PROTECTED] wrote:
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start at the right location
On Tue, Nov 04, 2008 at 05:15:57PM -0800, Jeremy Chadwick wrote:
On Tue, Nov 04, 2008 at 08:13:54PM +0100, cpghost wrote:
How can I watch /var/log/pflog grow with tcpdump, tail -f style?
This won't work:
$ tail -f /var/log/pflog | tcpdump -n -s 116 -r -
because tail doesn't start
Hi all
I want to use pf (actually I use ipfw).
Well, after I read the openbsd book, I still don't know how I can log the
log of pf (with pflog) using syslog and I don't want (if it's possible) to
write anything on my hard disk (even if it's temporary, because it's a virtual
disk, I'm running vmware
On 5/22/06, Albert Shih [EMAIL PROTECTED] wrote:
Hi all
I want to use pf (actually I use ipfw).
Well, after I read the openbsd book, I still don't know how I can log the
log of pf (with pflog) using syslog and I don't want (if it's possible) to
write anything on my hard disk (even if it's
/rc.conf).
When pflog is started your binary log is located on /var/log/pflog
you can read it with:
tcpdump -n -t -r /var/log/pflog
if you want real time (because pflog is where is written with some delay)
tcpdump -n -t -i pflog0
Thanks. But I know this thing. The problem is with this method
in them..
example:
pass in quick log proto tcp from any to any keep state
then you have to have pflogd started (pflog_enable=YES in /etc/rc.conf).
When pflog is started your binary log is located on /var/log/pflog
you can read it with:
tcpdump -n -t -r /var/log/pflog
if you want real time
On 22/05/2006 at 10:14:58-0400, Andy Greenwood wrote
This is discussed in the openbsd pf page
http://www.openbsd.org/faq/pf/logging.html#syslog
Thanks for the URL but it seems the shell script writes on
FILE=/home/pflogger/pflog5min.$(date +%Y%m%d%H%M)
first before he push (by
Does anyone have a simple shell/perl script that can take
/var/log/pflog and parse it into a simple txt or html?
I would like to cron a script that can clean up the output of pflog
and put it into something more readable...
Basically something that looks like:
Time - SourceIP - Destination
On 2005-11-24 19:33, JD Bronson [EMAIL PROTECTED] wrote:
Does anyone have a simple shell/perl script that can take
/var/log/pflog and parse it into a simple txt or html?
I would like to cron a script that can clean up the output of pflog
and put it into something more readable...
Basically
Dick Hoogendijk [EMAIL PROTECTED] writes:
Today I compiled some kde stuff for a few hours on my fbsd-6.0 box and
when I gave the shutdown -p now command it took minutes to complete
the shutdown process. The machine seemed to hang on the shutdown of
the pflog device. The process
seemed to hang on the
shutdown of the pflog device. The process /was/ completed
successfully in the end but I wonder what happened..
After starting up again and (again) a shutdown -p now all went well
and fast.
Anybody a clue?
You need a bit more information than that for a decent
Today I compiled some kde stuff for a few hours on my fbsd-6.0 box and
when I gave the shutdown -p now command it took minutes to complete
the shutdown process. The machine seemed to hang on the shutdown of
the pflog device. The process /was/ completed successfully in the end but
I wonder what