Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.sbin/npf/npfd add example.
details: https://anonhg.NetBSD.org/src/rev/4ad494edf584
branches: trunk
changeset: 350205:4ad494edf584
user: christos <christos%NetBSD.org@localhost>
date: Sat Jan 07 18:48:47 2017 +0000
description:
add example.
diffstat:
usr.sbin/npf/npfd/npfd.8 | 25 +++++++++++++++++++++++--
1 files changed, 23 insertions(+), 2 deletions(-)
diffs (46 lines):
diff -r 488121ebb3f5 -r 4ad494edf584 usr.sbin/npf/npfd/npfd.8
--- a/usr.sbin/npf/npfd/npfd.8 Sat Jan 07 18:28:49 2017 +0000
+++ b/usr.sbin/npf/npfd/npfd.8 Sat Jan 07 18:48:47 2017 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: npfd.8,v 1.1 2017/01/07 16:48:03 christos Exp $
+.\" $NetBSD: npfd.8,v 1.2 2017/01/07 18:48:47 christos Exp $
.\" $OpenBSD: pflogd.8,v 1.35 2007/05/31 19:19:47 jmc Exp $
.\"
.\" Copyright (c) 2001 Can Erkin Acar. All rights reserved.
@@ -225,7 +225,27 @@
Display the logs in real time of inbound packets that were blocked on
the wi0 interface:
.Bd -literal -offset indent
-# tcpdump -n -e -ttt -i pflog0 inbound and action block and on wi0
+# tcpdump -n -e -ttt -i npflog0 inbound and action block and on wi0
+.Ed
+.Pp
+Each
+.Xr npf 4
+rule is marked with an id number, shown using:
+.Bd -literal -offset indent
+# npfctl show
+...
+ block final all apply "log" # id="45"
+...
+.Ed
+.Pp
+This id is the rule id shown by tcpdump:
+.Bd -literal -offset indent
+# tcpdump -enr /var/log/npflog0.pcap
+...
+11:26:02.288199 rule 45.rules.0/0(match): block in on sk0: \e
+1.2.3.4.46063 > 5.6.7.8.23231: Flags [S], seq 1, win 8192, \e
+options [mss 1440], length 0
+...
.Ed
.Sh SEE ALSO
.Xr pcap 3 ,
@@ -233,6 +253,7 @@
.Xr npf.conf 5 ,
.Xr newsyslog 8 ,
.Xr npf 7 ,
+.Xr npfctl 8 ,
.Xr tcpdump 8
.Sh HISTORY
The
Home |
Main Index |
Thread Index |
Old Index