Date: Thu, 3 Aug 2023 20:31:15 +0200 From: tuexen@freebsd.org To: Perttu Laine <plaine@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Is there a FreeBSD equivalent of 'tcpdump -i any' from Linux? Message-ID: <75FD39FF-FA6D-46BB-900A-E7192A174C28@freebsd.org> In-Reply-To: <CANNwXrZaXgtjkKQNQYNszdsjnkW2Dxh6YvALSy=yBCyW0d5YvA@mail.gmail.com> References: <826851ce2108b23515f81a8aca8d9b0e@vvelox.net> <CANNwXrZaXgtjkKQNQYNszdsjnkW2Dxh6YvALSy=yBCyW0d5YvA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 3. Aug 2023, at 14:59, Perttu Laine <plaine@gmail.com> wrote: > > On Tue, Aug 1, 2023 at 11:38 PM Zane C B-H <v.velox@vvelox.net> wrote: >> >> So what is a good way to get all packets passing through that the kernel >> currently sees? Apparently any is not support on non-Linux systems and >> pflog would require adding log to all rules. Similarly only logs packets >> that match a rule. >> > > tcpdump -i em0 & tcpdump -i em1 & tcpdump -i em2 > > should work dumpcap, the capture tool used by wireshark and thark, supports capturing on multiple interfaces. Best regards Michael > > -- > Perttu Laine, Kirvesmiespalvelu Laine Ky >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?75FD39FF-FA6D-46BB-900A-E7192A174C28>