Date: Fri, 13 Nov 2009 23:08:34 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: "Stephane D'Alu" <sdalu@sdalu.com> Cc: net@freebsd.org Subject: Re: pf & tcpdump Message-ID: <20091113230319.R58089@sola.nimnet.asn.au> In-Reply-To: <4AFD4632.5090207@sdalu.com> References: <4AFD4632.5090207@sdalu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 13 Nov 2009, Stephane D'Alu wrote: > Is there a way to have tcpdump only showing packed that have pass the > filtering rules, so to check that firewall rules were correctly written and > not letting unwanted packets in. tcpdump sees packets before they're passed to the firewall coming in, and after the firewall going out. Lack of response to inbound packets that the firewall is supposed to block is usually a good sign .. Easiest way to see firewall rules are working is to add logging to them. cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091113230319.R58089>