| Building the Network You Need with OpenBSD's PF: EuroBSDCon, St. Julian's, September 26th 2013 | ||
|---|---|---|
| Prev | Next | |
You can log to syslog, local or remote
NOTE: potential for huge amounts of data
disable local pflog via rc.conf.local
pflogd_flags="-f /dev/null"
define log in syslog.conf
pflogd_flags="-f /dev/null"
start it all (or put in rc.local)
$ sudo nohup tcpdump -lnettti pflog0 | logger -t pf -p local2.info &