While installing a new OpenBSD transparent bridge, the need came up to view a relatively new pf log file with Wireshark. Thanks to some colleagues at work, I was able to accomplish this task with two quick commands.
$ su root
# newsyslog /var/log/pflog
Another way to do this is a simple tcpdump command that captures from the pflog0 interface and writes the packets to a file.
$ sudo tcpdump -nettti pflog0 -w pfdumpfile