From owner-cvs-src@FreeBSD.ORG Tue Dec 13 15:12:43 2005 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B2C5D16A442; Tue, 13 Dec 2005 15:12:43 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id AD7F843D5A; Tue, 13 Dec 2005 15:12:42 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.13.3/8.13.3) with ESMTP id jBDFCeGN051574 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Dec 2005 18:12:41 +0300 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.sick.ru (8.13.3/8.13.1/Submit) id jBDFCeSq051573; Tue, 13 Dec 2005 18:12:40 +0300 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Tue, 13 Dec 2005 18:12:40 +0300 From: Gleb Smirnoff To: Luigi Rizzo Message-ID: <20051213151240.GJ37414@FreeBSD.org> References: <20051213061503.A10373@xorpc.icir.org> <12911.1134485339@critter.freebsd.dk> <20051213070846.A10708@xorpc.icir.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20051213070846.A10708@xorpc.icir.org> User-Agent: Mutt/1.5.6i Cc: cvs-src@FreeBSD.org, Poul-Henning Kamp , src-committers@FreeBSD.org, Alexey Dokuchaev , cvs-all@FreeBSD.org Subject: Re: ipfw2 logs to bpf (was Re: cvs commit: src/sbin/ipfw ipfw2.c...) X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Dec 2005 15:12:43 -0000 On Tue, Dec 13, 2005 at 07:08:47AM -0800, Luigi Rizzo wrote: L> On Tue, Dec 13, 2005 at 03:48:59PM +0100, Poul-Henning Kamp wrote: L> > In message <20051213061503.A10373@xorpc.icir.org>, Luigi Rizzo writes: L> > L> > >talking about ipfw2, a couple of years ago i posted some code for 4.x L> > >to let ipfw2 "log" packets to a pseudo interface called /dev/ipfw0 so L> > >that people in need of detailed logging could just get it from L> > >there through tcpdump or whatever. L> > L> > Isn't it easier to use ipfwpcap(8) and a divert socket ? L> L> well apart that i just learned about it from this email and couldn't L> find a manpage, they are similar in spirit but they don't seem to L> do exactly the same thing: L> L> - 'log' is an option that you can set on any ipfw rule, independently L> from the action; L> - ipfwpcap only works on divert or tee rules (i read in the code L> that tee is broken but assume it can be fixed so the performance L> objection for the -r option will not matter, eventually). AFAIK, "tee" is not broken since Andre has made ipfw to use pfil(9) framework. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE