Date: Sun, 29 Nov 2015 11:53:14 -0800 From: "darwinsurvivor@gmail.com" <darwinsurvivor@gmail.com> To: Artem Kuchin <artem@artem.ru> Cc: freebsd-questions@freebsd.org Subject: Re: Determine which user started tcp connection Message-ID: <CAMuYtRA9adcJHDt-0d_rB-BWjkvfs85H6n-1XKrAorinJRy3QA@mail.gmail.com> In-Reply-To: <565B1695.6050604@artem.ru> References: <565B1695.6050604@artem.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
I don't know about ipfw, but it can probably be done by monitoring netstat and looking at the UID of the process that made the connection. On Sun, Nov 29, 2015 at 7:15 AM, Artem Kuchin <artem@artem.ru> wrote: > Hello! > > I have a jail with shared hosting. Many sites are hosted. Each on its own > user. > I want to monitor their external connections. I allow external connections > but want to > see what's going on. > IPFW allowes easily to see all outgoing connection setups from jail, but i > cannot > see which user started it. > I googled and i see that requests to add UID to IPFW log were first in > 2008 but > i still do not see it in the version 10. > > So, is there a way to log UID and connection params (dst ip and port) ? > > Artem > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAMuYtRA9adcJHDt-0d_rB-BWjkvfs85H6n-1XKrAorinJRy3QA>