I need something like conntrack -E command

I need to do with FreeBSD something like this linux command:

conntrack -E > log.txt

I have tried pfctl -s states and other commands, but I need something like tail -f .... so that whenever a new state is made, it will be logged in the log.txt

I need to log 24hours/day

please help me
thanks
 
pf(4) has a built-in logging feature - pflog(4). I do not have how to give you details now (the text below is incomplete), but you need something like this:

/etc/pf.conf
set loginterface $ext_if

/etc/rc.conf
Code:
pf_enable="YES"
   pflog_enable="YES"
   pflog_logfile="/var/log/pflog"

And then you can read the log with something like this:

tcpdump -netttr /var/log/pflog

EDIT: also, take a look at pflogd(8).

Cheers!
 
I would like to see on the same line:
ip of client in the LAN, ip destination on internet

something like this
192.168.2.66:4540 -> 75.74.7.7:80

is it possible with tcpdump?
I remember I could get
my public ip - destination ip
private ip in lan - my public ip

but not directly ip lan - destination ip...

my interfaces are:
em0 lan
pppoe0 wan
 
Dear,
I need the same goal, have you found a solution?
I need to log all connections from the PCs in lan to the WAN, IP PCs (maybe MAC address also) to IP WAN, only the start connection.

Thank you
Regards
 
Back
Top