Date: Thu, 3 Aug 2023 16:53:03 +0200
From: Stefan Zehl <sec@42.org>
To: Zane C B-H <v.velox@vvelox.net>
Cc: net@freebsd.org
Subject: Re: Is there a FreeBSD equivalent of 'tcpdump -i any' from Linux?
Message-ID: <ZMu/T4K7t08aFaRN@ice.42.org>
In-Reply-To: <826851ce2108b23515f81a8aca8d9b0e@vvelox.net>
References: <826851ce2108b23515f81a8aca8d9b0e@vvelox.net>

Hi,

On Tue, Aug 01, 2023 at 13:21 -0500, Zane C B-H wrote:
> So what is a good way to get all packets passing through that the kernel
> currently sees? Apparently any is not supported on non-Linux systems and
> pflog would require adding log to all rules. Similarly only logs packets
> that match a rule.

What I've done in the past is make an if_bridge(4) bridge0 interface,
put that into monitor mode and joined all the interfaces needed to it.

Worked quite well for me.

CU,
    Sec
-- 
There are too many priorities. One has to prioritize priorities.
                                                     -- Wietse
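
The setup described in the reply above, written out as an added example (not part of the original message or of FreeBSD itself): it builds the ifconfig steps for a monitor-mode bridge0 and, only with APPLY=1, runs them and starts tcpdump. The function names and the BRIDGE and APPLY variables are hypothetical. Per if_bridge(4), monitor mode discards packets after bpf(4) processing, so this fits interfaces dedicated to capture.

```shell
#!/bin/sh
# Added example: monitor-mode if_bridge(4) capture point on FreeBSD.
# "bridge0" follows the post; member interface names are the caller's.
BRIDGE="${BRIDGE:-bridge0}"

# Print the setup commands, one per line, for the given member interfaces.
bridge_capture_plan() {
    [ "$#" -gt 0 ] || { echo "usage: bridge_capture_plan if1 [if2 ...]" >&2; return 2; }
    for ifn in "$@"; do
        case "$ifn" in
            # Accept only plain interface names so the plan is safe to execute.
            ""|*[!A-Za-z0-9._]*) echo "bad interface name: $ifn" >&2; return 2 ;;
        esac
        if [ "$ifn" = "$BRIDGE" ]; then
            echo "$BRIDGE cannot be a member of itself" >&2; return 2
        fi
    done
    echo "ifconfig $BRIDGE create"
    for ifn in "$@"; do
        echo "ifconfig $BRIDGE addm $ifn"
    done
    # Monitor mode: frames are handed to bpf(4) and then discarded.
    echo "ifconfig $BRIDGE monitor up"
}

# Dry run by default; with APPLY=1 (root, FreeBSD) run the plan and capture.
bridge_capture() {
    plan=$(bridge_capture_plan "$@") || return $?
    if [ "${APPLY:-0}" != 1 ]; then
        printf '%s\n' "$plan" "tcpdump -n -i $BRIDGE"
        return 0
    fi
    trap 'exit 130' INT TERM
    while IFS= read -r cmd; do
        $cmd || return 1
        # Armed only after "create" succeeded, so an existing bridge is never removed.
        trap 'ifconfig "$BRIDGE" destroy' EXIT
    done <<EOF
$plan
EOF
    tcpdump -n -i "$BRIDGE"
}
```

Calling `bridge_capture em0 igb1` (constructed interface names) prints the commands for review; the same call with APPLY=1 executes them and removes the bridge when tcpdump exits.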