Date: Wed, 30 Jan 2002 12:59:38 +1100 From: Edwin Groothuis <edwin@mavetju.org> To: "Crist J. Clark" <cjc@FreeBSD.ORG> Cc: questions@FreeBSD.ORG Subject: Re: ipfw + natd Message-ID: <20020130125938.Y823@k7.mavetju.org> In-Reply-To: <20020129175155.M79208@blossom.cjclark.org>; from cjc@FreeBSD.ORG on Tue, Jan 29, 2002 at 05:51:55PM -0800 References: <001f01c1a906$b5cb9300$0200a8c0@mdrjr.net> <20020130123005.X823@k7.mavetju.org> <20020129175155.M79208@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 29, 2002 at 05:51:55PM -0800, Crist J. Clark wrote: > On Wed, Jan 30, 2002 at 12:30:05PM +1100, Edwin Groothuis wrote: > > On Tue, Jan 29, 2002 at 06:36:46PM -0200, Mauro Dias wrote: > > > I'm using natd and ipfw to allow my intranet (192.168.0.0/24) to access > > > internet. > > > internet interface: rl2 > > > intranet interface rl1 > > > not using interface: rl0 (hehe) > > > > > > I'm using FreeBSD-4.5RC > > > > > > can someone tell how do i see what users in 192.168.0.0/24 are doing ? > > > something like netstat -M ? > > > > If you add keep-state to your ipfw-rules you will get a line in > > the ipfw -a l output for every tcp connection. > > > > Or try trafshow (don't run it as root, it's leaking descriptors). See > > http://www.mavetju.org/unix/tcpdumpmortals.php how to configure > > your system so normal users can run things like trafshow without > > needing root-access. > > Nothing complicated, one just needs read access to /dev/bpf* to sniff > away. Exactly. How often have users asked their administrator for the root-password because they didn't know this. And how many administrators have given them the root password because they didn't know how to do it properly? Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: ------------------+ http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020130125938.Y823>