From owner-freebsd-questions@FreeBSD.ORG Fri Apr 16 01:36:43 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0D7E9106564A for ; Fri, 16 Apr 2010 01:36:43 +0000 (UTC) (envelope-from michael@thehugheslogcabin.net) Received: from smtprelay.b.hostedemail.com (smtprelay0118.b.hostedemail.com [64.98.42.118]) by mx1.freebsd.org (Postfix) with ESMTP id 9BEBF8FC15 for ; Fri, 16 Apr 2010 01:36:42 +0000 (UTC) Received: from smtprelay.b.hostedemail.com (b-bigip1 [10.5.19.254]) by smtpgrave04.b.hostedemail.com (Postfix) with ESMTP id 5F582485BCEC for ; Fri, 16 Apr 2010 01:17:00 +0000 (UTC) Received: from filter.hostedemail.com (b-bigip1 [10.5.19.254]) by smtprelay06.b.hostedemail.com (Postfix) with SMTP id F1A2E33F0441 for ; Fri, 16 Apr 2010 01:16:58 +0000 (UTC) X-Panda: scanned! X-Session-Marker: 6D64687567686573406875676865732E6E6574 X-Filterd-Recvd-Size: 3399 Received: from logcabin.home.thehugheslogcabin.net (unknown [67.142.208.232]) (Authenticated sender: mdhughes@hughes.net) by omf04.b.hostedemail.com (Postfix) with ESMTP for ; Fri, 16 Apr 2010 01:16:55 +0000 (UTC) Received: from TheHughesLogcabin.net (logcabin.home.thehugheslogcabin.net [192.168.10.51]) by logcabin.home.thehugheslogcabin.net (8.12.8p1/8.12.8) with ESMTP id o3G1Gosr069283 for ; Thu, 15 Apr 2010 20:16:51 -0500 (CDT) (envelope-from michael@thehugheslogcabin.net) Date: Thu, 15 Apr 2010 20:16:45 -0500 From: Michael Hughes To: freebsd-questions@freebsd.org Message-ID: <20100415201645.2ef97db4@TheHughesLogcabin.net> In-Reply-To: References: X-Mailer: Claws Mail 3.7.5cvs39 (GTK+ 2.10.13; i386-unknown-freebsd4.8) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAFVBMVEVpaWmMjIz////5+flCQkIWFha1tbXwUX2CAAACD0lEQVR4nF3TTXPbIBAG4CWDfWYTD/dIrc+11PqMpkvOcsvmLJLU//8n9AVHH45mLEs8WhYWoGa+nGjad3jo6ivN7ad9zqrh/Sscyefrh6qY7h4OJsc0QfT3HUySrWrKUfXSbOBZ7A6glxKyjTjYSciZg+wAjxsQcezIOD4A/qzQirBD9yoFXlc4ipCgSVO5jys8i0gJUKm8gVAk4vYV6vcJ7SHO470BXoNhdlbu4R8yot2DiixwRDfE/oqLrUZ9m+EXOiK+VnCozALfN8C0W+G8Q+ra0y1khSkF3sDjknyacwPI6sMy3G+JiHxpRY2tjt0yD0SQuWbmGpHeFhiNZ+czIhAShwV+jmSJzORIDFsxC5wCBVMWsFxEeYHn4Ix3gJKGBr8Coa1CyfHCy6iOSMrOlLlkZwfuVzA+A8wnNBtgj+GiYID9Ci2hJG6fUWKA8d09BIdSoojGrDvREWebbMLCOxsv7QIZ047JqgwYrv6tXRVtroQNLS5KwMT16TMCf+dgrARvsYdR3fd+gdYCjCMS/C7dPMG+aQ9BMBdmoUAvzRzR980EKKWPIZDcIrq2xcNZBNsziI6W4sMn9Ig4HrSSjuTiax1Vae/b9gNANmoaWMa6Hn2F5qNG4HhgbQN1M/TdD5V6bhLzLtihm6E/6e2wjdcCT9nPcNZY4YKIwTIS1hR9d8LJLPDCbAdCp/8BFrbJQh02xisAAAAASUVORK5CYII= X-Operating-System: FreeBSD 4.8-RELEASE Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/+yjoaUJef7EW2RzxR7jwbaI"; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Spam-Status: No, score=-0.0 required=5.0 tests=NO_RECEIVED,NO_RELAYS autolearn=failed version=3.2.5 X-Spam-Level: Subject: Re: about tcpdump X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Apr 2010 01:36:43 -0000 --Sig_/+yjoaUJef7EW2RzxR7jwbaI Content-Type: text/plain; charset=iso-8859-9 Content-Transfer-Encoding: quoted-printable On Thu, 15 Apr 2010 23:37:09 +0300 Yavuz Ma=FElak wrote: > I have a network. I wish to log all incoming and outgoing trafficc > using tcpdump on my gateway server. But I don't want to log these > traffic's data because of they take up much on disk. > I only want to log which ports were used, which ip addresses were > reached. How can I do these using tcpdump ? > Could you give me an example or docs? > I use freebsd7.2 >=20 Have you thought about using ARGUS (Audit Record Generation and Utilization System)? --=20 Michael Hughes Log Home living is the best Michael@TheHughesLogcabin.net --Sig_/+yjoaUJef7EW2RzxR7jwbaI Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFLx7p9Y1dMyGuHVOwRAsBlAJ0c22eedUmZz3uQNwYXiz0MqQ0KuACfY07S 6v75ODXqUMZm/Dex8iYKZBM= =CkbW -----END PGP SIGNATURE----- --Sig_/+yjoaUJef7EW2RzxR7jwbaI--