From owner-freebsd-questions Tue Jun 11 0:23: 4 2002 Delivered-To: freebsd-questions@freebsd.org Received: from topaz.mdcc.cx (topaz.mdcc.cx [212.204.230.141]) by hub.freebsd.org (Postfix) with ESMTP id 3B0B037B403 for ; Tue, 11 Jun 2002 00:23:02 -0700 (PDT) Received: from k7.mavetju (topaz.mdcc.cx [212.204.230.141]) by topaz.mdcc.cx (Postfix) with ESMTP id 4D1912B6AE; Tue, 11 Jun 2002 09:22:50 +0200 (CEST) Received: by k7.mavetju (Postfix, from userid 1001) id EDFFC6A711E; Tue, 11 Jun 2002 17:22:34 +1000 (EST) Date: Tue, 11 Jun 2002 17:22:34 +1000 From: Edwin Groothuis To: Ilia Chipitsine Cc: questions@FreeBSD.ORG Subject: Re: ipfw: catching data ? Message-ID: <20020611172234.K552@k7.mavetju> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from ilia@cgu.chel.su on Tue, Jun 11, 2002 at 12:55:00PM +0600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Jun 11, 2002 at 12:55:00PM +0600, Ilia Chipitsine wrote: > Dear Sirs, > > the following rule says that some packets were sent: > > /sbin/ipfw deny log tcp from any to me 3000 in recv tun1 > > which rule should I apply in order to catch what was transmitted during > that tcp session ? You could do it with tcpdump: tcpdump -i tun1 -X -len -s 1500 port 3000 Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: bash$ :(){ :|:&};: | http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message