Проект OpenNet: MAN pflog (4) Специальные файлы /dev/* (FreeBSD и Linux)

Интерактивная система просмотра системных руководств (man-ов)

pflog (4)

>> pflog (4) ( FreeBSD man: Специальные файлы /dev/* )

BSD mandoc

NAME



pflog

 - packet filter logging interface

SYNOPSIS

device pflog

DESCRIPTION

The pflog interface is a pseudo-device which makes visible all packets logged by the packet filter, pf(4). Logged packets can easily be monitored in real time by invoking tcpdump(1) on the interface, or stored to disk using pflogd(8).

The pflog0 interface is created automatically at boot if both pf(4) and pflogd(8) are enabled; further instances can be created using ifconfig(8).

Each packet retrieved on this interface has a header associated with it of length PFLOG_HDRLEN This header documents the address family, interface name, rule number, reason, action, and direction of the packet that was logged. This structure, defined in Aq Pa net/if_pflog.h looks like

struct pfloghdr {
        u_int8_t        length;
        sa_family_t     af;
        u_int8_t        action;
        u_int8_t        reason;
        char            ifname[IFNAMSIZ];
        char            ruleset[PF_RULESET_NAME_SIZE];
        u_int32_t       rulenr;
        u_int32_t       subrulenr;
        uid_t           uid;
        pid_t           pid;
        uid_t           rule_uid;
        pid_t           rule_pid;
        u_int8_t        dir;
        u_int8_t        pad[3];
};

EXAMPLES

Create a interface and monitor all packets logged on it:

# ifconfig pflog1 up
# tcpdump -n -e -ttt -i pflog1

HISTORY

The device first appeared in Ox 3.0 .

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру