From owner-freebsd-pf@FreeBSD.ORG Tue Mar 31 21:30:21 2015 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 178B855D for ; Tue, 31 Mar 2015 21:30:21 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C7100AD3 for ; Tue, 31 Mar 2015 21:30:20 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1Yd3jX-0006xH-7z for freebsd-pf@freebsd.org; Tue, 31 Mar 2015 23:30:03 +0200 Received: from gly.ftfl.ca ([129.173.34.203]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 31 Mar 2015 23:30:03 +0200 Received: from jrm by gly.ftfl.ca with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 31 Mar 2015 23:30:03 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-pf@freebsd.org From: Joseph Mingrone Subject: tcpdump of pflog to show pid Date: Tue, 31 Mar 2015 18:28:11 -0300 Lines: 36 Message-ID: <86a8ysvous.fsf@gly.ftfl.ca> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: gly.ftfl.ca User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (berkeley-unix) Cancel-Lock: sha1:r6K49ngcWzIltNYfuMxGsf45I/4= X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Mar 2015 21:30:21 -0000 --=-=-= Content-Type: text/plain Hi, On OpenBSD, a tcpdump of the pflog can show the pid for locally generated traffic. PFLOG(4) sugggests FreeBSD's pflog also records this information. Is that the case? Can FreeBSD's tcpdump show this information? I see a similar question from 2008, but no response. https://lists.freebsd.org/pipermail/freebsd-pf/2008-April/004307.html Joseph --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVGxFrAAoJEDakDIOw1u+eCuoQAJPvwi06Gi3CtF/oz+xmwURU r+RAHica0vIxhIlrDtD+QLpQ1j26GAFTj8rAKgkgkRMQCHIbJRGlpn95FqgEt1Om Ei2KB305CpA6uwVYZ9jkyTfGy1MCJlUKH2ekNo8Gdt3yD218PfsZl2k0qpx8NQo9 rC64874lRK6S5DhS9G4CW/IIf/QgZrpy59soc7JJXd3u1WovDwb03zQeDx9VPTPP wvZ2I5zPAjSebAoGRji6RUJEI33WR9mPfxwdUCkVfJE9yZQUaAWKghip6bkzOKFC 1nw2ttWwDLcDrxLfwf4wIUotnS2tAG584ZuyFQ367Tc48uWRgbPbqpA8m7mqbKRd 5Si0rWMd4LvqX/2Cv50LkVFf56jfPBa3LNlAZfAknemTKOWBFPGIK6cI45BWJ9bA N4+pkpOHwO3L2FlL8/PcQwC496SljzEyyAJA6m8lzWJ94xwIGXx9ny4XFboDiX6t 4LLbuamhYEbM4QXkuicYrORf/KMVFudTBcHCdryf1u8lks+WV7KI9fSOatWE3w3I GIUPojzxA4QwiqPM0IRgy63T/TTfxae5Y0lBYrP+4Y3etWiFadIy2rni1voODvD0 t1ujoH5Z2PMo6kRFURkk9X9wVgfsNgvrFNqGluNATSUZX+V9kcKp7Ruw4q/btvdq sInvgaxMjlbSqPMKi8+e =x9Lp -----END PGP SIGNATURE----- --=-=-=--