Russell Fulton wrote: > HI, > I want to monitor the output from pflog in more or less real > time. It isn't clear to me what is the best (read simplest ;) way > to do this. > What I really want is a version of tcpdump that will effectively do > a tail -f on /var/log/pf. Ideally it would cope with logfile > rollovers too.
Welcome to the power of OpenBSD... just do: tcpdump -i pflog0
