PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015
tcpdump has PF smarts for pflog interfaces, such as

```
tcpdump -n -e -ttt -i pflog0 inbound and action block and on wi0
```

or

```
$ sudo tcpdump -n -ttt -i pflog0 port domain
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0, link-type PFLOG
Sep 30 14:27:41.260190 212.5.66.14.53 > 194.54.107.19.53:[|domain]
Sep 30 14:27:41.260253 212.5.66.14.53 > 194.54.107.19.53:[|domain]
Sep 30 14:27:41.260267 212.5.66.14.53 > 194.54.107.19.53:[|domain]
Sep 30 14:27:41.260638 194.54.107.19.53 > 212.5.66.14.53:[|domain]
Sep 30 14:27:41.260798 194.54.107.19.53 > 212.5.66.14.53:[|domain]
Sep 30 14:27:41.260923 194.54.107.19.53 > 212.5.66.14.53:[|domain]
```
tcpdump is your friend here; it cannot be stated too often.
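When a pflog capture like the one above runs to thousands of lines, a per-flow tally is easier to review than the raw output. The following is an added example, not part of the original talk: it parses the text format shown in the capture above and counts logged packets per source, destination and destination port. It assumes IPv4 addresses and the timestamp layout shown; the function names are this example's own.

```python
import re
from collections import Counter

# Capture copied from the slide above (tcpdump -n -ttt -i pflog0 port domain).
SAMPLE = """\
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0, link-type PFLOG
Sep 30 14:27:41.260190 212.5.66.14.53 > 194.54.107.19.53:[|domain]
Sep 30 14:27:41.260253 212.5.66.14.53 > 194.54.107.19.53:[|domain]
Sep 30 14:27:41.260267 212.5.66.14.53 > 194.54.107.19.53:[|domain]
Sep 30 14:27:41.260638 194.54.107.19.53 > 212.5.66.14.53:[|domain]
Sep 30 14:27:41.260798 194.54.107.19.53 > 212.5.66.14.53:[|domain]
Sep 30 14:27:41.260923 194.54.107.19.53 > 212.5.66.14.53:[|domain]
"""

# With -n, tcpdump prints "address.port"; the last dotted field is the port.
IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"  # assumption: IPv4 only
PACKET = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d\.\d+) "
    rf"(?P<src>{IPV4})\.(?P<sport>\d+) > "
    rf"(?P<dst>{IPV4})\.(?P<dport>\d+):"
)

def parse(text):
    """Return (packets, skipped): parsed packet dicts and lines that did not match."""
    packets, skipped = [], []
    for line in text.splitlines():
        m = PACKET.match(line)
        if m:
            pkt = m.groupdict()
            pkt["sport"], pkt["dport"] = int(pkt["sport"]), int(pkt["dport"])
            packets.append(pkt)
        elif line.strip():
            # Banner lines and anything unexpected are kept, not silently dropped.
            skipped.append(line)
    return packets, skipped

def flows(packets):
    """Count logged packets per (source, destination, destination port)."""
    return Counter((p["src"], p["dst"], p["dport"]) for p in packets)

if __name__ == "__main__":
    pkts, skipped = parse(SAMPLE)
    for (src, dst, dport), n in flows(pkts).most_common():
        print(f"{n:4d}  {src} -> {dst}:{dport}")
    print(f"{len(skipped)} non-packet lines skipped")
```

Review the skipped lines as well as the tally: a line the pattern does not recognise may be a packet in a format this sketch does not cover.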