Date: Mon, 5 Sep 2005 10:09:49 +0200
From: Vladimir Kotal <vlada@devnull.cz>
To: freebsd-pf@freebsd.org
Subject: Re: logging to another machine
Message-ID: <20050905080949.GA19145@otaku.xtrmntr.org>
In-Reply-To: <20050905072630.664053A@gw2.local.net>
References: <431BD7AA.4040300@errno.com> <20050905072630.664053A@gw2.local.net>

On Mon, Sep 05, 2005 at 08:26:30AM +0100, Greg Hennessy wrote:
> > >
> > > tcpdump -i pflog0 -n -e -ttt | logger -p local7.info -h sysloghost
> > >
> > > but that didn't work for some reason.
> >
> > Add the '-l' flag to tcpdump and it will.
>
> ~ # ps axww | egrep 'tcpdump|logger'
>   428 con- S      0:02.70 tcpdump -s 96 -l -e -t -i pflog0
>   429 con- S      0:00.30 logger -p local0.info -t pf
>

So, the following looks like what can be put into /etc/rc* script for
your favorite embedded distribution:

ifconfig pflog0 up
tcpdump -s 96 -l -e -t -i pflog0 2>/dev/null | \
    logger -p local0.info -t pf &

It could be nice if pflogd supported logging to syslog directly.

v.
