Date: Tue, 16 Dec 2025 14:37:35 -0800 From: Gleb Smirnoff <glebius@freebsd.org> To: Kristof Provost <kp@freebsd.org> Cc: ks@freebsd.org, freebsd-pf@freebsd.org Subject: Re: IFT_PFLOG and IFT_PFSYNC Message-ID: <aUHfL_qh9lcSfF8O@cell.glebi.us> In-Reply-To: <2FC96EBC-8C1A-47BA-9CA7-5332515BC8B9@FreeBSD.org> References: <aUHOAePgxI1nJhCq@cell.glebi.us> <2FC96EBC-8C1A-47BA-9CA7-5332515BC8B9@FreeBSD.org>
index | next in thread | previous in thread | raw e-mail
On Tue, Dec 16, 2025 at 11:32:37PM +0100, Kristof Provost wrote: K> Pflog seems harder. There’s not much to configure, but exporting K> information is done through `tcpdump -n -e -ttt -i pflog1`, which sort of K> assumes a network interface. K> Your ddf4f9eda9c2 change talks about a BPF tap ipfwlog0. Does that mean we K> can `tcpdump -i ipfwlog0` even if there’s no struct ifnet ipfwlog0? Exactly! K> That’d probably be fine, even if I’m sure doing `tcpdump -i pflog0` is K> going to confuse me if ifconfig claims there’s no such interface as pflog0. We will get used to that soon :) Now we can easily implement bpf taps anywhere, e.g. "tcp_input" or on a named unix(4) socket. -- Gleb Smirnoffhelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?aUHfL_qh9lcSfF8O>