Date:      Tue, 13 Dec 2005 09:31:33 -0800
From:      Luigi Rizzo <rizzo@icir.org>
To:        Max Laier <max@love2party.net>
Cc:        Alexey Dokuchaev <danfe@FreeBSD.org>, src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>, Ceri Davies <ceri@submonkey.net>
Subject:   Re: ipfw2 logs to bpf (was Re: cvs commit: src/sbin/ipfw ipfw2.c...)
Message-ID:  <20051213093133.A13701@xorpc.icir.org>
In-Reply-To: <200512131759.15695.max@love2party.net>; from max@love2party.net on Tue, Dec 13, 2005 at 05:59:07PM +0100
References:  <200512131216.jBDCG3FJ042136@repoman.freebsd.org> <20051213061503.A10373@xorpc.icir.org> <20051213150858.GL78709@submonkey.net> <200512131759.15695.max@love2party.net>

On Tue, Dec 13, 2005 at 05:59:07PM +0100, Max Laier wrote:
> On Tuesday 13 December 2005 16:08, Ceri Davies wrote:
> > On Tue, Dec 13, 2005 at 06:15:04AM -0800, Luigi Rizzo wrote:
> > > talking about ipfw2, a couple of years ago i posted some code for 4.x
> > > to let ipfw2 "log" packets to a pseudo interface called /dev/ipfw0 so
> > > that people in need of detailed logging could just get it from
> > > there through tcpdump or whatever.
> >
> > I don't actually use pf, but there is a pflog interface which I believe
> > does a similar thing.  It would be good to integrate the two somehow.
> 
> Indeed.  pflog(4) has the additional edge that it prepends a header that 
> indicates the reason for logging this packet - i.e. rule number, action, 

ok it certainly looks like something that is fully usable for ipfw
as well, and i think that as a first step the patch i submitted can be
trivially simplified to use "pflog".

On a related topic, what is the point, in net/bpf.c, of duplicating
the body of bpf_mtap2 into bpf_mtap when the latter could be
implemented in terms of the former, with only a very
minor change (essentially checking for NULL data and
prepending mb or not accordingly) ?

	cheers
	luigi


