| To: | Shawn Wilton <shawn@black9.net> |
|---|---|
| Subject: | Re: Turning on pf logging after switching from ipf. |
| From: | Daniel Hartmeier <daniel@benzedrine.cx> |
| Date: | Thu, 28 Feb 2002 19:31:57 +0100 |
| Cc: | Dries Schellekens <gwyllion@ace.ulyssis.org>, misc@openbsd.org |
| In-reply-to: | <HAEKIFPMIKBIOBFFOHMFCECGCDAA.shawn@black9.net>; from shawn@black9.net on Thu, Feb 28, 2002 at 10:09:01AM -0800 |
| References: | <Pine.LNX.4.33.0202281417140.30301-100000@ace> <HAEKIFPMIKBIOBFFOHMFCECGCDAA.shawn@black9.net> |
| Sender: | owner-misc@openbsd.org |
| User-agent: | Mutt/1.2.5.1i |
On Thu, Feb 28, 2002 at 10:09:01AM -0800, Shawn Wilton wrote: > Thanks! but why isn't that in the man pages and why isn't it done > automatically? Is there a way of logging to disk w/o the risk of running > tcpdump as root on the base machine? It is in the man page, pflogd(8). And if you have (manually) updated your /etc, rc will automatically start pflogd, which logs to /var/log/pflog, which you can tcpdump as non-root, if you chmod it appropriately. tcpdump'ing pflog0 is just for additional life dumping of the same packets that already get loggin in /var/log/pflog. Daniel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | C Compiler, Dennis Myhand |
|---|---|
| Next by Date: | Re: Turning on pf logging after switching from ipf., Shawn Wilton |
| Previous by Thread: | Re: Turning on pf logging after switching from ipf., Shawn Wilton |
| Next by Thread: | Re: Turning on pf logging after switching from ipf., Shawn Wilton |
| Indexes: | [Date] [Thread] [Top] [All Lists] |