Date: Fri, 17 Nov 2000 19:31:38 -0600 From: David Kelly <dkelly@hiwaay.net> To: freebsd-questions@FreeBSD.ORG Subject: Re: tcpdump and firewall on Pipeline Message-ID: <200011180131.eAI1VcS83713@grumpy.dyndns.org> In-Reply-To: Message from David Kelly <dkelly@hiwaay.net> of "Thu, 16 Nov 2000 17:07:06 CST." <p04320402b63a13cdd07e@[10.0.0.20]>
next in thread | previous in thread | raw e-mail | index | archive | help
David Kelly writes (replying to myself because no one else did): > > The tcpdump(1) manpage says: > > To print traffic neither sourced from nor destined for > local hosts (if you gateway to one other net, this stuff > should never make it onto your local net). > tcpdump ip and not net localnet > So I'm running "tcpdump ip and not net 10.0.0.0/24" which missed the > above event captured by the Pipeline. What I have since learned is that everything is working and tcpdump did capture said event. Wasn't until I killed it that its output was flushed to the log file. Now I know to add "-l" to force line buffering so I can see the event when it happens. As for the firewall logs on the Pipeline, the events are still happening with foreign addresses on source and destination, and tcpdump is not seeing them on my office ethernet. I will worry a bit less. -- David Kelly N4HHE, dkelly@hiwaay.net ===================================================================== The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011180131.eAI1VcS83713>