Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
PFLOG(4)               FreeBSD Kernel Interfaces Manual               PFLOG(4)

NAME
     pflog -- packet filter logging interface

SYNOPSIS
     device pflog

DESCRIPTION
     The pflog interface is a pseudo-device which makes visible all packets
     logged by the packet filter, pf(4).  Logged packets can easily be moni-
     tored in real time by invoking tcpdump(1) on the pflog interface, or
     stored to disk using pflogd(8).

     Each packet retrieved on this interface has a header associated with it
     of length PFLOG_HDRLEN.  This header documents the address family, inter-
     face name, rule number, reason, action, and direction of the packet that
     was logged.  This structure, defined in <net/if_pflog.h> looks like

           struct pfloghdr {
                   u_int8_t        length;
                   sa_family_t     af;
                   u_int8_t        action;
                   u_int8_t        reason;
                   char            ifname[IFNAMSIZ];
                   char            ruleset[PF_RULESET_NAME_SIZE];
                   u_int32_t       rulenr;
                   u_int32_t       subrulenr;
                   u_int8_t        dir;
                   u_int8_t        pad[3];
           };

EXAMPLES
           # ifconfig pflog0 up
           # tcpdump -n -e -ttt -i pflog0

SEE ALSO
     tcpdump(1) inet(4), inet6(4), netintro(4), pf(4), ifconfig(8), pflogd(8)

HISTORY
     The pflog device first appeared in OpenBSD 3.0.

FreeBSD 6.2                    December 10, 2001                   FreeBSD 6.2

NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | SEE ALSO | HISTORY

Want to link to this manual page? Use this URL:
<http://www.freebsd.org/cgi/man.cgi?query=pflog&sektion=4&manpath=FreeBSD+6.2-RELEASE>

home | help