Date: Wed, 28 Dec 2022 15:52:54 +0100 From: Juraj Lutter <otis@FreeBSD.org> To: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: native recording of all network connections on freebsd Message-ID: <96D7C087-7C42-420F-A032-A3430658EC52@FreeBSD.org> In-Reply-To: <CAEW%2BogbJrKJR%2BQJ2hmzvAOTaX6YoftMT0GrEcqEOhwAMddczbg@mail.gmail.com> References: <b2ea51ee-3944-b8d7-e0a8-8e4f16ebb8f@macktronics.com> <CAEW%2BogbJrKJR%2BQJ2hmzvAOTaX6YoftMT0GrEcqEOhwAMddczbg@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
> On 28 Dec 2022, at 15:28, Sami Halabi <sodynet1@gmail.com> wrote: > > using firewall ike ipfw with rule to log any to any would be a start.. for advanced use, stateful fw so You can log start of connections I would also consider using ng_netflow(4) with, for example, nfsend or even logstash with netflow input module (and stored into elastic indexes), visualized by kibana or other tools. — Juraj Lutter otis@FreeBSD.orghome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?96D7C087-7C42-420F-A032-A3430658EC52>