Date: Wed, 16 Oct 2002 12:37:15 +0300 From: Peter Pentchev <roam@ringlet.net> To: Danny.Carroll@mail.ing.nl Cc: maildrop@qwest.net, freebsd-security@freebsd.org Subject: Re: FW: monitor ALL connections to ALL ports Message-ID: <20021016093715.GX372@straylight.oblivion.bg> In-Reply-To: <C6304883FB11E347AD4958D3F14EC00AE89354@ing.com> References: <C6304883FB11E347AD4958D3F14EC00AE89354@ing.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--37cJpJlYZwAfNbm5 Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 16, 2002 at 10:48:01AM +0200, Danny.Carroll@mail.ing.nl wrote: > Something else you could do, if you want to put the effort into it is > to write a program that accepts all packets from ipfw (via a divert > rule) and then logs what you want before returning the untouched > packed back to ipfw. >=20 > Much like what natd does, except without the natting. > I am sure the natd sources would be very useful in this case. I am a bit surprised that nobody has mentioned ports/net/clog yet. It is simple yet effective; it does not log UDP packets, but this functionality may not be too hard to add. G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This sentence every third, but it still comprehensible. --37cJpJlYZwAfNbm5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (FreeBSD) iD8DBQE9rTNL7Ri2jRYZRVMRAranAJwMca/ePOz/60K9qnn7HAuSZKq3cACfXqB3 kH1yH22Ybj3Rpr0p0xbBQMs= =45Kg -----END PGP SIGNATURE----- --37cJpJlYZwAfNbm5-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021016093715.GX372>