Date: Wed, 28 Dec 2022 15:52:54 +0100 From: Juraj Lutter <otis@FreeBSD.org> To: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: native recording of all network connections on freebsd Message-ID: <96D7C087-7C42-420F-A032-A3430658EC52@FreeBSD.org> In-Reply-To: <CAEW%2BogbJrKJR%2BQJ2hmzvAOTaX6YoftMT0GrEcqEOhwAMddczbg@mail.gmail.com> References: <b2ea51ee-3944-b8d7-e0a8-8e4f16ebb8f@macktronics.com> <CAEW%2BogbJrKJR%2BQJ2hmzvAOTaX6YoftMT0GrEcqEOhwAMddczbg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 28 Dec 2022, at 15:28, Sami Halabi <sodynet1@gmail.com> wrote: >=20 > using firewall ike ipfw with rule to log any to any would be a start.. = for advanced use, stateful fw so You can log start of connections I would also consider using ng_netflow(4) with, for example, nfsend or = even logstash with netflow input module (and stored into elastic indexes), visualized by kibana or other tools. =E2=80=94 Juraj Lutter otis@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?96D7C087-7C42-420F-A032-A3430658EC52>