From owner-freebsd-questions@FreeBSD.ORG  Tue Oct 23 13:39:19 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 575AD16A4C1
	for <freebsd-questions@freebsd.org>;
	Tue, 23 Oct 2007 13:39:19 +0000 (UTC)
	(envelope-from nvass@teledomenet.gr)
Received: from smtp.teledomenet.gr (smtp.teledomenet.gr [213.142.128.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 7555513C4BF
	for <freebsd-questions@freebsd.org>;
	Tue, 23 Oct 2007 13:39:17 +0000 (UTC)
	(envelope-from nvass@teledomenet.gr)
Received: by smtp.teledomenet.gr (Postfix, from userid 58)
	id 90A0214217B; Tue, 23 Oct 2007 16:38:59 +0300 (EEST)
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on smtp.teledomenet.gr
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham
	version=3.2.3
Received: from iris (unknown [192.168.1.71])
	by smtp.teledomenet.gr (Postfix) with ESMTP id 23699142194;
	Tue, 23 Oct 2007 16:38:56 +0300 (EEST)
From: Nikos Vassiliadis <nvass@teledomenet.gr>
To: freebsd-questions@freebsd.org,
 Grant Peel <gpeel@thenetnow.com>
Date: Tue, 23 Oct 2007 16:41:43 +0300
User-Agent: KMail/1.9.7
References: <004f01c81312$640be7a0$6501a8c0@GRANT>
In-Reply-To: <004f01c81312$640be7a0$6501a8c0@GRANT>
X-NCC-RegID: gr.telehouse
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200710231641.44609.nvass@teledomenet.gr>
Cc: 
Subject: Re: trafshow and IPFW
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Oct 2007 13:39:19 -0000

On Saturday 20 October 2007 15:11:48 Grant Peel wrote:
> Hi all,
>
> If I write a rule to block irc ports (6669), and I see them being
> blocked in ipfw, will I still see the connection attemps in trafshow?

You seem to ask, yet I believe you already know the answer :)

Is trafshow using BPF? I took a peek at the project's home page
and it seems that it does so.

Anyway, if that's the case, yes, will see the connection attempts
'cause BPF is hooked on your card's link layer and sees every-
thing that's coming in and going out. That's everything, regard-
less relevance with the upper layers(IP and above).

HTH

Nikos