Looks like there is a possibility to start the tcpdump sequence that feeds syslog with a -s 128 parameter, but not sure if it is producing the desired results.
> Check in /etc/inc/filter.inc IIRC. > > Scott > > > On 6/18/07, David Strout <[EMAIL PROTECTED]> wrote: > > I find that if you issue the snarf (snaplen) > > switch to the tcpdump command it reports the > > correct ports. Where is the "/usr/sbin/tcpdump -l > > -n -e -ttt -i pflog0" issued from .. rc script > > ???? > > > > > I also noticed that in the show raw logs mode > > the > > > ports do not show. > > > > > > -- > > > David L. Strout > > > Engineering Systems Plus, LLC > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
