Date: Tue, 31 Mar 2015 17:58:41 -0500
From: Jason Hellenthal <jhellenthal@dataix.net>
To: Joseph Mingrone <jrm@ftfl.ca>
Cc: freebsd-pf@freebsd.org
Subject: Re: tcpdump of pflog to show pid
Message-ID: <A537ECE3-5AEA-456A-9905-BB4C3F3038C6@dataix.net>
In-Reply-To: <86a8ysvous.fsf@gly.ftfl.ca>
References: <86a8ysvous.fsf@gly.ftfl.ca>

Run tcpdump -vvve -i pflog0 ??? on a FreeBSD machine? Should yield your answer.

This isn’t necessarily something to do with tcpdump(8) so much as it is with the inclusion of pf(4) into the FreeBSD kernel. Specific versions of tcpdump(8) and configured options might yield different results. Try base and ports.

On Mar 31, 2015, at 16:28, Joseph Mingrone <jrm@ftfl.ca> wrote:

> Hi,
>
> On OpenBSD, a tcpdump of the pflog can show the pid for locally
> generated traffic. PFLOG(4) suggests FreeBSD's pflog also records this
> information. Is that the case? Can FreeBSD's tcpdump show this
> information?
>
> I see a similar question from 2008, but no response.
> https://lists.freebsd.org/pipermail/freebsd-pf/2008-April/004307.html
>
> Joseph

-- 
Jason Hellenthal
Mobile: +1 (616) 953-0176
jhellenthal@DataIX.net
JJH48-ARIN