Date: Tue, 13 Dec 2005 10:42:18 -0800
From: John-Mark Gurney
To: Luigi Rizzo
Cc: cvs-src@FreeBSD.org, Alexey Dokuchaev, Gleb Smirnoff, cvs-all@FreeBSD.org, src-committers@FreeBSD.org
Subject: Re: ipfw2 logs to bpf (was Re: cvs commit: src/sbin/ipfw ipfw2.c...)
Message-ID: <20051213184218.GC55657@funkthat.com>
References: <200512131216.jBDCG3FJ042136@repoman.freebsd.org> <20051213134143.GC77985@FreeBSD.org> <20051213140744.GH37414@FreeBSD.org> <20051213061503.A10373@xorpc.icir.org>
In-Reply-To: <20051213061503.A10373@xorpc.icir.org>

Luigi Rizzo wrote this message on Tue, Dec 13, 2005 at 06:15 -0800:
> talking about ipfw2, a couple of years ago i posted some code for 4.x
> to let ipfw2 "log" packets to a pseudo interface called /dev/ipfw0 so
> that people in need of detailed logging could just get it from
> there through tcpdump or whatever.
>
> If someone is interested, here it is a copy of the message and patch.
> It is very very trivial, so i don't expect to require a lot of
> porting work to be adapted to HEAD and more recent versions of
> FreeBSD.

I have patches that teach tcpdump how to understand divert sockets...
(I forget if I write the packets back to continue the chain or if you
have to use tee..)

This has the advantage of preventing yet another device in the system..
though it does prevent normal users from being able to watch the
traffic...

Anyone interested?

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."