dawnshade wrote:
On Tuesday 25 October 2005 23:21, Anton Nikiforov wrote:tcpdump -n -e -ttt -x -i pflog0 host 127.0.0.1 000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > 127.0.0.1.643: . ack 30 win 65535 0x0000: 4600 002c 6605 4000 0306 11c5 7f00 0001 F..,[EMAIL PROTECTED] 0x0010: 7f00 0001 0100 0000 0202 0283 8129 5dab .............)]. 0x0020: 5db7 f2f2 5010 ffff 7dce 0000 ]...P...}... 000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > 127.0.0.1.643: . ack 30 win 65535 0x0000: 4600 002c d21d 4000 0306 a5ac 7f00 0001 F..,[EMAIL PROTECTED] 0x0010: 7f00 0001 0100 0000 0202 0283 8129 5dab .............)]. 0x0020: 5db7 f2f2 5010 ffff 7dce 0000 ]...P...}... The rule for this packet is not a "log" one, but the sign (short) is what i cannot understand.Read 'man 1 tcpdump' about key "-s".You command must be like "tcpdump -s 1000 -n -e -ttt -x -i pflog0 host 127.0.0.1"Change value 1000 to appropriate.
Hi, and thanks for the replay,but my question is not about how to use tcpdump (i know -s key), but what to do with pf to make this packets pass through. When my pf is up i cannot rsh to ipcad, but when it is down - everything is working just fine.
I need this rsh to get my ip statistics. Best regards, Anton
_______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
smime.p7s
Description: S/MIME Cryptographic Signature
