Date: Tue, 12 Sep 2006 13:28:39 -0700
From: Chuck Swiger <cswiger@mac.com>
To: Bill Moran <wmoran@collaborativefusion.com>
Cc: freebsd-questions@freebsd.org, Bart Silverstrim <bsilver@chrononomicon.com>
Subject: Re: forwarding as a gateway, logging certain traffic
Message-ID: <B7DDE980-7DB8-4AB8-AA85-8FD89638469C@mac.com>
In-Reply-To: <20060912160830.b7a91061.wmoran@collaborativefusion.com>
References: <7269D41C-C334-44DC-9549-ACB28F79014A@chrononomicon.com> <20060912160830.b7a91061.wmoran@collaborativefusion.com>

On Sep 12, 2006, at 1:08 PM, Bill Moran wrote:
>> Is there some way to get the FreeBSD system to log machines using
>> port 25 without interfering with the FreeBSD machine's filtering of
>> email function? Or at least make the traffic visible to sniffing
>> with tcpdump or wireshark or ethereal?
>
> Off the top of my head ...
> ipfw add 25 log tcp from any to any 25
> should work. There are certain kernel configs you have to have in
> place for logging to work, though.

Better to use something like:

    ipfw add 1 log tcp from any to me 25 setup

If Bart would like to use tcpdump for the same purpose, consider running
something like:

    tcpdump -nt 'port 25 and (tcp[tcpflags] & tcp-syn != 0)'

-- 
-Chuck
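
Added example (not part of the message above, and not code from any poster in this thread): a small Python summarizer for the output of the tcpdump command quoted above. That filter also matches the server's SYN+ACK replies, so the script keeps only client SYNs to port 25 and tallies them per source host. It assumes the "Flags [S]" line format printed by current tcpdump releases; the sample lines are constructed with documentation addresses.

```python
import re
from collections import Counter

# Constructed sample of `tcpdump -nt` output (documentation addresses),
# not a real capture. Line 2 is a SYN+ACK; the last line is a retransmitted SYN.
SAMPLE = """\
IP 192.0.2.10.49152 > 198.51.100.5.25: Flags [S], seq 100, win 65535, options [mss 1460], length 0
IP 198.51.100.5.25 > 192.0.2.10.49152: Flags [S.], seq 900, ack 101, win 65535, length 0
IP 192.0.2.10.49153 > 198.51.100.5.25: Flags [S], seq 200, win 65535, length 0
IP 192.0.2.77.40000 > 203.0.113.9.25: Flags [S], seq 300, win 65535, length 0
IP6 2001:db8::7.50000 > 2001:db8::25.25: Flags [S], seq 400, win 64800, length 0
IP 192.0.2.10.49152 > 198.51.100.5.25: Flags [S], seq 100, win 65535, length 0
"""

# Assumed line shape: "IP src.port > dst.port: Flags [..], seq N, ..."
LINE = re.compile(
    r"^IP6? (?P<src>\S+) > (?P<dst>\S+): "
    r"Flags \[(?P<flags>[^\]]+)\], seq (?P<seq>\d+)"
)

def split_endpoint(endpoint):
    # With -n, tcpdump appends the numeric port after the last dot (IPv4 and IPv6).
    host, _, port = endpoint.rpartition(".")
    return host, port

def smtp_attempts(lines, port="25"):
    """Count distinct connection attempts to `port`, keyed by (source, destination)."""
    attempts = Counter()
    seen = set()
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        if "S" not in m["flags"] or "." in m["flags"]:
            continue  # "." is the ACK flag: drop SYN+ACK replies from the server
        src_host, src_port = split_endpoint(m["src"])
        dst_host, dst_port = split_endpoint(m["dst"])
        if dst_port != port:
            continue
        key = (src_host, src_port, dst_host, m["seq"])
        if key in seen:
            continue  # same SYN retransmitted, not a new attempt
        seen.add(key)
        attempts[(src_host, dst_host)] += 1
    return attempts

if __name__ == "__main__":
    for (src, dst), n in smtp_attempts(SAMPLE.splitlines()).most_common():
        print(f"{src} -> {dst}:25  {n} attempt(s)")
```
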