It sounds to me that you are looking for a Network Intrusion system.
1)
try:
/usr/ports/security/snort
It has plenty of rules that can help you log whatever u like.
2)
Also another possibility is to use
tcpdump host -w
which will log all the packets heading for your IP
in raw form
nal Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Roman V. Mashak
> Sent: Monday, October 14, 2002 9:35 PM
> To: [EMAIL PROTECTED]
> Subject: Re: monitor ALL connections to ALL ports
>
>
> On Mon, Oct 14, 2002 at 11:42:25PM +0100, Matthew Seaman
On Tue, Oct 15, 2002 at 10:35:21AM +0800, Roman V. Mashak wrote:
> Could you describe some methods of counting /var-partition size
> for saving there:
> 1) 'maillog' data
> 2) 'ipfw' logs.
That's a very hard question to answer. It depends on so many
different variables --- how much traffi
On Mon, Oct 14, 2002 at 11:42:25PM +0100, Matthew Seaman wrote:
> > I want to log all connections, regardless if they failed or
> > successed, regardless if they have a daemon running on that port or
> > not.
> The only way I can think of to achieve what you want -- logging every
> packet receive
On Mon, Oct 14, 2002 at 05:09:43PM -0500, Maildrop wrote:
> I want to log all connections, regardless if they failed or
> successed, regardless if they have a daemon running on that port or
> not.
The only way I can think of to achieve what you want -- logging every
packet received by your mach
On Mon, Oct 14, 2002 at 05:09:43PM -0500, Maildrop wrote:
> >On Mon, Oct 14, 2002 at 02:31:05PM -0500, Maildrop wrote:
> >>
> >> I put these rule in:
> >>
> >> ipfw add count log all from any to any
> >>
> >> I am getting messages in my log (/var/log/all.log) that appears like
> this:
> >> Oct 14
I moved this thread to [EMAIL PROTECTED] due to a request that
[EMAIL PROTECTED] was an inapropate place to discuss this issuse.
>On Mon, Oct 14, 2002 at 02:31:05PM -0500, Maildrop wrote:
>>
>> I put these rule in:
>>
>> ipfw add count log all from any to any
>>
>> I am getting messages in my