Date: Mon, 22 May 2006 16:59:02 +0300
From: "Iantcho Vassilev" <ianchov@gmail.com>
To: "FreeBSD Mailing List" <freebsd-questions@freebsd.org>
Subject: Re: pflog
Message-ID: <18e02bd30605220659m10680b26hf1342958157e2f57@mail.gmail.com>
In-Reply-To: <20060522131634.GW29183@math.jussieu.fr>
References: <20060522131634.GW29183@math.jussieu.fr>
On 5/22/06, Albert Shih <shih@math.jussieu.fr> wrote:
>
> Hi all
>
> I want to use pf (actually I use ipfw).
>
> Well after I read the openbsd book, I always don't know how can I log the
> log of pf (with pflog) using syslog and I don't want (if it's possible) to
> write anything in my hard-disk (even if it's temporarily, because it's virtual
> disk, I'm running vmware).
>
> Regards.

Hi!
When you write your rules, you put "log" in them. Example:

    pass in quick log proto tcp from any to any keep state

Then you have to have pflogd started (pflog_enable="YES" in /etc/rc.conf).
When pflog is started, your binary log is located in /var/log/pflog.
You can read it with:

    tcpdump -n -t -r /var/log/pflog

If you want real time (because pflog is written with some delay):

    tcpdump -n -t -i pflog0
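
Added example, not part of the original message: one way to send the live pflog0 stream from the last command above to syslog instead of a file, which is what the question asked for. It assumes the pflog0 interface is up and that logger(1) is available; the facility "local0", the tag "pf" and the "run" argument are choices made for this sketch.

```shell
#!/bin/sh
# Forward pf log entries from pflog0 to syslog without writing a file.
# Assumptions: pflog0 is up and the rules carry "log"; FACILITY and TAG
# are arbitrary values chosen for this example.

FACILITY="local0"
TAG="pf"

# Map one line of `tcpdump -e` output on pflog0 to a syslog priority.
# With -e the pflog header is printed and looks like:
#   rule 3/0(match): block in on em0: 192.0.2.10.51234 > 192.0.2.1.22: ...
pf_priority() {
    case "$1" in
        *"): block "*) echo "$FACILITY.warning" ;;
        *"): pass "*)  echo "$FACILITY.info" ;;
        *)             echo "$FACILITY.notice" ;;
    esac
}

# Read tcpdump lines on stdin and hand each non-empty one to logger(1).
forward_to_syslog() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        logger -t "$TAG" -p "$(pf_priority "$line")" "$line"
    done
}

# Capture only when called as "script run", so the functions above can
# be sourced on their own.
if [ "${1:-}" = "run" ]; then
    # -l: line-buffered output so entries reach syslog immediately
    # -e: print the pflog header (rule number, action, interface)
    # -t: no tcpdump timestamp, syslog adds its own
    tcpdump -l -n -e -t -i pflog0 | forward_to_syslog
fi
```

Blocked packets land at priority warning and passed ones at info, so syslog.conf can route or forward them separately, for example to a remote log host.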