Tcpdump

BPF(4) - Device Drivers Manual

Tcpdump, Select, Makedev, Ioctl, Arc4random, Read, Signal, Bpf

NAME: bpf - Berkeley Packet Filter
SYNOPSIS: pseudo-device bpfilter
DESCRIPTION: The Berkeley Packet Filter provides a raw interface to data link layers in a protocol-independent fashion. All packets on the network, even those destined for other hosts, are accessible through this mechanism. The packet filter appears as a character special device, /dev/bpf. After opening the device, the file descriptor must be bound to a specific network interface with the BIOCSETIF ioctl(2). ...

DISKLESS(8) - System Manager's Manual

Rpc.bootparamd, Exports, Tcpdump, Mygate, Myname, Rbootd, Mopd, Portmap, Rarpd, Hostname.if, Mountd, Bootparams, Pxeboot, Fstab, Hosts, Nfsd, Tftpd, Dhcpd.conf, Ethers, Dhcpd, Diskless

NAME: diskless - booting a system over the network
DESCRIPTION: The ability to boot a machine over the network is useful for diskless or dataless machines, or as a temporary measure while repairing or re-installing filesystems on a local disk. This file provides a general description of the interactions between a client and its server when a client is booting over the network. ...

ENC(4) - Device Drivers Manual

Tcpdump, Pf.conf, Ipsec, Ipsec.conf, Pf, Enc

NAME: enc - encapsulating interface
SYNOPSIS: pseudo-device enc
DESCRIPTION: The enc interface is a virtual interface for ipsec(4) traffic. It allows packet filtering using pf(4); prior to encapsulation and after decapsulation, packets may be monitored using tcpdump(8). An enc interface can be created at runtime using the ifconfig encN create command or by setting up a hostname. ...

IFCONFIG(8) - System Manager's Manual

Intro, Rtable, Tcpdump, Ifmedia, Netintro, Rc, Netstat, Slaacd, Inet, Hosts, Hostname.if, Route, Ifconfig

NAME: ifconfig - configure network interface parameters
SYNOPSIS: ifconfig [-AaC] [-M lladdr] [interface] [address_family] [address [dest_address]] [parameters]
DESCRIPTION: The ifconfig utility is used to assign an address to a network interface and/or configure network interface parameters. Generally speaking, hostname.if(5) files are used at boot-time to define the network address of each interface present on a machine; ifconfig is used at a later time to redefine an interface's address or other operating parameters. ...

ISAKMPD(8) - System Manager's Manual

Tcpdump, Getnameinfo, Iked, Ssl, Isakmpd.policy, Ipsec, Isakmpd.conf, Openssl, Pcap_open_offline, Ipsec.conf, Sasyncd, Isakmpd

NAME: isakmpd - ISAKMP/Oakley a.k.a. IKEv1 key management daemon
SYNOPSIS: isakmpd [-46adKLnSTv] [-c config-file] [-D class=level] [-f fifo] [-i pid-file] [-l packetlog-file] [-N udpencap-port] [-p listen-port] [-R report-file]
DESCRIPTION: The isakmpd daemon establishes Security Associations (SAs) for encrypted and/or authenticated network traffic. At this moment, and probably forever, this means ipsec(4) traffic. Traditionally, isakmpd was configured using the isakmpd. ...

NDP(8) - System Manager's Manual

Tcpdump, Arp, Sysctl, Sysctl.conf, Ip6, Ndp

NAME: ndp - control/diagnose IPv6 Neighbor Discovery Protocol (NDP)
SYNOPSIS: ndp [-acnt] [-A wait] [-d hostname] [-f filename] [-i interface] [-s nodename ether_addr [temp] [proxy]] [-V rdomain] [hostname]
DESCRIPTION: The ndp command manipulates the address mapping table used by the Neighbor Discovery Protocol (NDP).
  -A wait  Repeat -a (dump NDP entries) every wait seconds.
  -a ...

PCAP-FILTER(5) - File Formats Manual

Pcap_open_live, Tcpdump, Pcap-Filter

NAME: pcap-filter - packet filter syntax
DESCRIPTION: pcap_compile(3) compiles pcap filters for software such as tcpdump(8). The resulting filter program can then be applied to some stream of packets to determine which packets will be supplied to pcap_loop(3), pcap_dispatch(3), pcap_next(3), or pcap_next_ex(3). The filter expression consists of one or more primitives. Primitives usually consist of an id (name or number) preceded by one or more qualifiers. ...

PF.OS(5) - File Formats Manual

Pfctl, Pf.conf, Tcpdump, Pf, Pf-Os

NAME: pf.os - format of the operating system fingerprints file
DESCRIPTION: The pf(4) firewall and the tcpdump(8) program can both fingerprint the operating system of hosts that originate an IPv4 TCP connection. The file consists of newline-separated records, one per fingerprint, containing nine colon (':') separated fields. These fields are as follows:
  window  The TCP window size. ...

PFLOG(4) - Device Drivers Manual

Tcpdump, Pflogd, Netintro, Ifconfig, Inet, Inet6, Pf, Pflog

NAME: pflog - packet filter logging interface
SYNOPSIS: pseudo-device pflog
DESCRIPTION: The pflog interface is a pseudo-device which makes visible all packets logged by the packet filter, pf(4). Logged packets can easily be monitored in real time by invoking tcpdump(8) on the pflog interface, or stored to disk using pflogd(8). The pflog0 interface is created automatically at boot if both pf(4) and pflogd(8) are enabled; further instances can be created using ifconfig(8). ...

PFLOGD(8) - System Manager's Manual

Tcpdump, Pf.conf, Pcap_open_live, Newsyslog, Pflog, Pf, Pflogd

NAME: pflogd - packet filter logging daemon
SYNOPSIS: pflogd [-Dx] [-d delay] [-f filename] [-i interface] [-s snaplen] [expression]
DESCRIPTION: pflogd is a background daemon which reads packets logged by pf(4) to a pflog(4) interface, normally pflog0, and writes the packets to a logfile (normally /var/log/pflog) in tcpdump(8) binary format. These logs can be reviewed later using the -r option of tcpdump(8), hopefully offline in case there are bugs in the packet parsing code of tcpdump(8). ...