Pflog

PF(4) - Device Drivers Manual

Pfctl, Pf.conf, Ioctl, Pfsync, Pflog, Bridge, Pflow, Pf

PF(4) - Device Drivers Manual # PF(4) - Device Drivers Manual NAME # pf - packet filter SYNOPSIS # pseudo-device pf DESCRIPTION # Packet filtering takes place in the kernel. A pseudo-device, /dev/pf, allows userland processes to control the behavior of the packet filter through an ioctl(2) interface. There are commands to enable and disable the filter, load rulesets, add and remove individual rules or state table entries, and retrieve statistics. ...

PFLOG(4) - Device Drivers Manual

Tcpdump, Pflogd, Netintro, Ifconfig, Inet, Inet6, Pf, Pflog

PFLOG(4) - Device Drivers Manual # PFLOG(4) - Device Drivers Manual NAME # pflog - packet filter logging interface SYNOPSIS # pseudo-device pflog DESCRIPTION # The pflog interface is a pseudo-device which makes visible all packets logged by the packet filter, pf(4). Logged packets can easily be monitored in real time by invoking tcpdump(8) on the pflog interface, or stored to disk using pflogd(8). The pflog0 interface is created automatically at boot if both pf(4) and pflogd(8) are enabled; further instances can be created using ifconfig(8). ...

PFLOGD(8) - System Manager's Manual

Tcpdump, Pf.conf, Pcap_open_live, Newsyslog, Pflog, Pf, Pflogd

PFLOGD(8) - System Manager’s Manual # PFLOGD(8) - System Manager’s Manual NAME # pflogd - packet filter logging daemon SYNOPSIS # pflogd [-Dx] [-d delay] [-f filename] [-i interface] [-s snaplen] [expression] DESCRIPTION # pflogd is a background daemon which reads packets logged by pf(4) to a pflog(4) interface, normally pflog0, and writes the packets to a logfile (normally /var/log/pflog) in tcpdump(8) binary format. These logs can be reviewed later using the -r option of tcpdump(8), hopefully offline in case there are bugs in the packet parsing code of tcpdump(8). ...

SPAMLOGD(8) - System Manager's Manual

Syslog, Spamd.conf, Tcpdump, Spamd, Syslogd, Pflogd, Spamdb, Pflog, Setup, Spamlogd

SPAMLOGD(8) - System Manager’s Manual # SPAMLOGD(8) - System Manager’s Manual NAME # spamlogd - spamd whitelist updating daemon SYNOPSIS # spamlogd [-DI] [-i interface] [-l pflog_interface] [-W whiteexp] [-Y synctarget] DESCRIPTION # spamlogd manipulates the spamd(8) database in /var/db/spamd used for greylisting. spamlogd updates the /var/db/spamd whitelist entries whenever a connection to port 25 is logged to the pflog(4) interface. The source addresses of inbound connections are whitelisted when seen by spamlogd to ensure that their entries in /var/db/spamd do not expire if the connecting host continues to send legitimate mail. ...

TCPDUMP(8) - System Manager's Manual

Filter, Udp, Pcap_open_live, Pf.os, Protocols, Bpf, Services, Pflog, Ether_aton, Hosts, Tcp, Ip, Pf, Tcpdump

TCPDUMP(8) - System Manager’s Manual # TCPDUMP(8) - System Manager’s Manual NAME # tcpdump - dump traffic on a network SYNOPSIS # tcpdump [-AadefILlNnOopqStvXx] [-B fildrop] [-c count] [-D direction] [-E [espalg:]espkey] [-F file] [-i interface] [-r file] [-s snaplen] [-T type] [-w file] [-y datalinktype] [expression] DESCRIPTION # tcpdump prints out the headers of packets on a network interface that match the boolean expression. You must have read access to /dev/bpf. ...