Date: Thu, 3 Aug 2023 20:31:15 +0200 From: tuexen@freebsd.org To: Perttu Laine <plaine@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Is there a FreeBSD equivalent of 'tcpdump -i any' from Linux? Message-ID: <75FD39FF-FA6D-46BB-900A-E7192A174C28@freebsd.org> In-Reply-To: <CANNwXrZaXgtjkKQNQYNszdsjnkW2Dxh6YvALSy=yBCyW0d5YvA@mail.gmail.com> References: <826851ce2108b23515f81a8aca8d9b0e@vvelox.net> <CANNwXrZaXgtjkKQNQYNszdsjnkW2Dxh6YvALSy=yBCyW0d5YvA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 3. Aug 2023, at 14:59, Perttu Laine <plaine@gmail.com> wrote: >=20 > On Tue, Aug 1, 2023 at 11:38=E2=80=AFPM Zane C B-H = <v.velox@vvelox.net> wrote: >>=20 >> So what is a good way to get all packets passing through that the = kernel >> currently sees? Apparently any is not support on non-Linux systems = and >> pflog would require adding log to all rules. Similarly only logs = packets >> that match a rule. >>=20 >=20 > tcpdump -i em0 & tcpdump -i em1 & tcpdump -i em2 >=20 > should work dumpcap, the capture tool used by wireshark and thark, supports = capturing on multiple interfaces. Best regards Michael >=20 > --=20 > Perttu Laine, Kirvesmiespalvelu Laine Ky >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?75FD39FF-FA6D-46BB-900A-E7192A174C28>