Date: Tue, 16 Oct 2001 16:06:46 +0200 From: Wim Livens <wim@livens.net> To: Mathias.Picker@virtual-earth.de Cc: freebsd-isp@freebsd.org Subject: Re: getting all connections between two sites Message-ID: <20011016160646.F92155@krijt.livens.net> In-Reply-To: <20011016131534.9578937B405@hub.freebsd.org>; from Mathias.Picker@virtual-earth.de on Tue, Oct 16, 2001 at 03:15:27PM %2B0200 References: <20011016131534.9578937B405@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Op di 16 okt, 2001 om 03:15:27pm +0200, schreef Mathias.Picker@virtual-earth.de:
>
> two sites have to be isolated through a firewall, which are right now
> fully connected and have probably many cross connections, e.g. users at
> siteA using servers at siteB and vice versa.
> Has anyone done this allready, or has anyone an idea how to do this
> without logging all the connection data and post-process it? I need only
> the fact that some connection has been up and which ip's, port and
> protocol was involved, and only once per connection, e.g. if I found
> some connection, I'm not interested in it anymore.
See /usr/ports/net/nstreams
This is especially useful when you plan to install a fire-
wall but if you do not know the nstreams that the network
users are generating (http, real audio, and more...).
nstreams can read the tcpdump output directly from stdin,
or from a file. It can even generate the configuration
file of your firewall, using the -O option.
--
Wim Livens
http://wim.livens.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011016160646.F92155>