Date: Mon, 1 Oct 2001 13:32:49 -0700
From: "Crist J. Clark" <cristjc@earthlink.net>
To: Martin Hermanowski <martin@mh57.net>
Cc: security@FreeBSD.ORG
Subject: Re: ipfw logging complete packets
Message-ID: <20011001133249.D304@blossom.cjclark.org>
In-Reply-To: <20010929223004.M70637@mh57.net>; from martin@mh57.net on Sat, Sep 29, 2001 at 10:30:05PM +0200
References: <20010929223004.M70637@mh57.net>

On Sat, Sep 29, 2001 at 10:30:05PM +0200, Martin Hermanowski wrote:
> Hi list,
> I would like not only to log some ip packets with ipfw, but to write
> them to a file, preferred in a format compatible to tcpdump.
>
> Is there a way to do this?

Not within ipfw(8). But there are ways to do this. One obvious choice
is Snort, but this completely bypasses ipfw(8). Another idea is to
write a very lightweight daemon that gets fed packets from a divert(4)
rule and writes the packets to a file. I've considered writing
something to do this and a few other capabilities, but have never
gotten around to it.

--
Crist J. Clark                           cjclark@alum.mit.edu

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011001133249.D304>
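
The divert(4) daemon idea from the reply above, sketched as an added example; it is not code from the message or from its author. The divert port 5000 and the output file name divert.pcap are assumptions, and the file is written with link type LINKTYPE_RAW because a divert socket delivers packets starting at the IP header.

```c
/* Added example: log packets from a divert(4) socket in pcap format. */
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>

#define DIVERT_PORT  5000  /* assumed; must match the port in the ipfw divert rule */
#define LINKTYPE_RAW 101   /* pcap link type for bare IP packets, no link header */

struct pcap_file_hdr { uint32_t magic; uint16_t vmaj, vmin; int32_t zone;
                       uint32_t sigfigs, snaplen, linktype; };
struct pcap_rec_hdr  { uint32_t sec, usec, caplen, len; };

/* Write the 24-byte pcap global header; returns 0 on success. */
int pcap_begin(FILE *f) {
    struct pcap_file_hdr h = { 0xa1b2c3d4, 2, 4, 0, 0, 65535, LINKTYPE_RAW };
    return fwrite(&h, sizeof h, 1, f) == 1 ? 0 : -1;
}

/* Append one packet stamped with the current time; returns 0 on success. */
int pcap_append(FILE *f, const void *pkt, uint32_t len) {
    struct timeval tv;
    gettimeofday(&tv, NULL);
    struct pcap_rec_hdr r = { (uint32_t)tv.tv_sec, (uint32_t)tv.tv_usec, len, len };
    if (fwrite(&r, sizeof r, 1, f) != 1 || fwrite(pkt, 1, len, f) != len) return -1;
    return fflush(f) == 0 ? 0 : -1;
}

int main(void) {
#ifdef IPPROTO_DIVERT      /* only defined where divert(4) exists (FreeBSD) */
    static unsigned char buf[65535];
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(DIVERT_PORT) };
    int s = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT);
    FILE *f = fopen("divert.pcap", "wb");
    if (s < 0 || !f || bind(s, (struct sockaddr *)&sin, sizeof sin) < 0 || pcap_begin(f)) {
        perror("setup");
        return 1;
    }
    for (;;) {
        struct sockaddr_in from;
        socklen_t flen = sizeof from;
        ssize_t n = recvfrom(s, buf, sizeof buf, 0, (struct sockaddr *)&from, &flen);
        if (n < 0 || pcap_append(f, buf, (uint32_t)n) != 0) break;
        /* Reinject with the address we received, or the diverted packet is lost. */
        sendto(s, buf, (size_t)n, 0, (struct sockaddr *)&from, flen);
    }
#endif
    return 1;   /* reached on error, or where divert(4) is unavailable */
}
```

The resulting file can be read back with `tcpdump -r divert.pcap`. Packets matching the divert rule are dropped while nothing is bound to the port, so add the rule only once the daemon is running.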