On Thursday 23 February 2006 11:40, Bob Beck wrote: > > Bit of a openBSD n00b here. How would I go about listening to > > pflog0? I thought that required tcpdump running. What I want it > > running continuously on a small, dedicated firewall box (concerned > > about processing power as well as security)?
> > man pflog > > If you have ADD and can't read the whole thing > > man pflog | grep tcpdump I don't have ADD but apparently I don't spell all that correctly. So with the misspelled word "What" replaced with "Would", parts of my previous post might make some more sense: --------------------------------------------------------------- How would I go about listening to pflog0? I thought that required tcpdump running. Would I want it running continuously on a small, dedicated firewall box (concerned about processing power as well as security)? --------------------------------------------------------------- IOW, from your experience, is tcpdump safe in this scenario and is it's overhead minimal? Thanks. Chris