Date: Tue, 29 Jan 2002 19:27:25 -0800 From: "Crist J. Clark" <cjc@FreeBSD.ORG> To: Edwin Groothuis <edwin@mavetju.org> Cc: questions@FreeBSD.ORG Subject: Re: ipfw + natd Message-ID: <20020129192725.O79208@blossom.cjclark.org> In-Reply-To: <20020130125938.Y823@k7.mavetju.org>; from edwin@mavetju.org on Wed, Jan 30, 2002 at 12:59:38PM %2B1100 References: <001f01c1a906$b5cb9300$0200a8c0@mdrjr.net> <20020130123005.X823@k7.mavetju.org> <20020129175155.M79208@blossom.cjclark.org> <20020130125938.Y823@k7.mavetju.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 30, 2002 at 12:59:38PM +1100, Edwin Groothuis wrote: > On Tue, Jan 29, 2002 at 05:51:55PM -0800, Crist J. Clark wrote: > > On Wed, Jan 30, 2002 at 12:30:05PM +1100, Edwin Groothuis wrote: > > > On Tue, Jan 29, 2002 at 06:36:46PM -0200, Mauro Dias wrote: > > > > I'm using natd and ipfw to allow my intranet (192.168.0.0/24) to access > > > > internet. > > > > internet interface: rl2 > > > > intranet interface rl1 > > > > not using interface: rl0 (hehe) > > > > > > > > I'm using FreeBSD-4.5RC > > > > > > > > can someone tell how do i see what users in 192.168.0.0/24 are doing ? > > > > something like netstat -M ? > > > > > > If you add keep-state to your ipfw-rules you will get a line in > > > the ipfw -a l output for every tcp connection. > > > > > > Or try trafshow (don't run it as root, it's leaking descriptors). See > > > http://www.mavetju.org/unix/tcpdumpmortals.php how to configure > > > your system so normal users can run things like trafshow without > > > needing root-access. > > > > Nothing complicated, one just needs read access to /dev/bpf* to sniff > > away. > > Exactly. How often have users asked their administrator for the > root-password because they didn't know this. And how many administrators > have given them the root password because they didn't know how to > do it properly? For some common systems (e.g. Solaris) that don't use pcap for sniffing, you do need root. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020129192725.O79208>