From owner-freebsd-questions@freebsd.org  Sun Nov 29 15:16:47 2015
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E70B7A3C1DB
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Sun, 29 Nov 2015 15:16:47 +0000 (UTC) (envelope-from artem@artem.ru)
Received: from fallback6.mail.ru (fallback6.mail.ru [94.100.181.147])
 by mx1.freebsd.org (Postfix) with ESMTP id 912CE1E3F
 for <freebsd-questions@freebsd.org>; Sun, 29 Nov 2015 15:16:47 +0000 (UTC)
 (envelope-from artem@artem.ru)
Received: from smtp51.i.mail.ru (smtp51.i.mail.ru [94.100.177.111])
 by fallback6.mail.ru (mPOP.Fallback_MX) with ESMTP id BA49B18DA989
 for <freebsd-questions@freebsd.org>; Sun, 29 Nov 2015 18:15:18 +0300 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mail.ru;
 s=mail2; 
 h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date:Message-ID:Subject:From:To;
 bh=b/iZ6mZFdsemgOnlGBo+bIuLFlVHSMU+ZZl1ED3R4w4=; 
 b=koFBH16DAMQiGHNvIb8IDkvDkCpcuAr2C/5lN5++BUi8Hb1PKyBqGrIEAx6SSOnWD/T/g7PYw/CRwFnOWGC4dJomnYlCVDZDVzxh05iQdzYBAJ69sj6zzTOh7vR4Tf11AMBh/XhrkVQZU1K95OcA32hqEptU7iZVyXQWL5xRqVk=;
Received: from [109.188.127.40] (port=38833 helo=[192.168.0.12])
 by smtp51.i.mail.ru with esmtpa (envelope-from <artem@artem.ru>)
 id 1a33gz-0001vc-8h
 for freebsd-questions@freebsd.org; Sun, 29 Nov 2015 18:15:09 +0300
To: freebsd-questions@freebsd.org
From: Artem Kuchin <artem@artem.ru>
Subject: Determine which user started tcp connection
Message-ID: <565B1695.6050604@artem.ru>
Date: Sun, 29 Nov 2015 18:15:33 +0300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Mras: Ok
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Nov 2015 15:16:48 -0000

Hello!

I have a jail with shared hosting. Many sites are hosted. Each on its 
own user.
I want to monitor their external connections. I allow external 
connections but want to
see what's going  on.
IPFW allowes easily to see all outgoing connection setups from jail, but 
i cannot
see which user started it.
I googled and i see that requests to add UID to IPFW log were first in 
2008 but
i still do not see it in the version 10.

So, is there a way to log UID and connection params  (dst ip and port) ?

Artem