Hi guys,
We have an issue where our office ip get block after been on our website (10 machine, 1 IP, 6 Websites)
I ran
Could anyone tell me what do I need to add tp pf to get the timestamp showing?
We have an issue where our office ip get block after been on our website (10 machine, 1 IP, 6 Websites)
I ran
sudo tcpdump -netttr /var/log/pflog | grep 80.252.64.xxx
and got
Code:
00:00:00.041037 rule 22..16777216/0(match): pass in on bce0: 80.252.64.xxx.50671 > 10.8.20.13.443: Flags , seq 3651535672, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
00:00:00.210234 rule 22..16777216/0(match): pass in on bce0: 80.252.64.xxx.50672 > 10.8.20.13.443: Flags , seq 1725074160, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
00:00:00.001641 rule 22..16777216/0(match): pass in on bce0: 80.252.64.xxx.50673 > 10.8.20.13.443: Flags , seq 2975226484, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
00:00:00.004767 rule 22..16777216/0(match): pass in on bce0: 80.252.64.xxx.50674 > 10.8.20.13.443: Flags , seq 2032562428, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
00:00:00.001632 rule 22..16777216/0(match): pass in on bce0: 80.252.64.xxx.50675 > 10.8.20.13.443: Flags , seq 1516649337, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
00:00:00.000958 rule 22..16777216/0(match): pass in on bce0: 80.252.64.xxx.50676 > 10.8.20.13.443: Flags , seq 1014007733, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0