Re: Packet Tracing (linux klog patch)

From: Andrzej Bialecki (abialat_private)
Date: Tue Feb 15 2000 - 14:32:08 PST


    On Sat, 12 Feb 2000, Dragos Ruiu wrote:
    
    > How to use it:
    > -This patch makes the kernel log all ethernet packets to syslog.
    > -The logging happens at the default level.  I.e. normally on.
    > -You can turn logging on and off at the console by using the Magic SysRq key
    >  and a number to change the logging level.
    > -Put the interface into promiscuous mode: ifconfig eth0 promisc
    >
    > Notes:
    > -It makes a neat hotkey sniffer when using the text console too.
    > -It seems to run pretty fast. Any benchmark data welcome(-->drat_private).
    > -try a tail -f /var/log/messages for real time display
    
    I was wondering... Are you sure it doesn't overrun the kernel message
    buffer? I noticed that sometimes, when you produce tons of messages from
    within the kernel, some of them are lost.
    
    I would rather use a package such as NeTraMet for doing this - it also does very
    nice traffic compression in the form of flows - very fast, extremely
    flexible, uses standard libpcap, doesn't require kernel patching etc...
    
    Andrzej Bialecki
    
    //  <abialat_private> WebGiro AB, Sweden (http://www.webgiro.com)
    // -------------------------------------------------------------------
    // ------ FreeBSD: The Power to Serve. http://www.freebsd.org --------
    // --- Small & Embedded FreeBSD: http://www.freebsd.org/~picobsd/ ----
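
The message-loss concern raised in this reply can be reproduced with a small model. This is an added example, not code from the post, the patch, or the Linux kernel. The buffer size `RING_LEN`, the record format, the per-tick rates and the names `klog_ring`, `ring_write`, `ring_read` and `simulate` are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: a fixed-size log ring whose writer never blocks, so
 * unread bytes are overwritten once the reader falls RING_LEN behind. */
#define RING_LEN 16384              /* assumed size, for illustration only */
struct klog_ring {
    char buf[RING_LEN];
    unsigned long head, tail, lost; /* written, consumed-or-dropped, overwritten */
};

/* Writer side (stands in for the in-kernel logger): append, never wait. */
static void ring_write(struct klog_ring *r, const char *msg, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (r->head - r->tail == RING_LEN) {   /* full: oldest unread byte goes */
            r->tail++;
            r->lost++;
        }
        r->buf[r->head++ % RING_LEN] = msg[i];
    }
}

/* Reader side (stands in for the syslog daemon): drain at most max bytes. */
static size_t ring_read(struct klog_ring *r, char *out, size_t max)
{
    size_t n = 0;
    while (n < max && r->tail != r->head)
        out[n++] = r->buf[r->tail++ % RING_LEN];
    return n;
}

/* Log one 40-byte record per packet; return bytes lost before being read. */
unsigned long simulate(unsigned pkts_per_tick, size_t drain_per_tick, unsigned ticks)
{
    static struct klog_ring r;
    static char out[RING_LEN];
    char line[64];
    memset(&r, 0, sizeof r);
    for (unsigned t = 0; t < ticks; t++) {
        for (unsigned p = 0; p < pkts_per_tick; p++) {
            int len = snprintf(line, sizeof line, "eth0: pkt tick=%05u seq=%05u len=0060\n", t, p);
            ring_write(&r, line, (size_t)len);
        }
        ring_read(&r, out, drain_per_tick < RING_LEN ? drain_per_tick : RING_LEN);
    }
    return r.lost;
}

int main(void) { printf("%lu\n", simulate(200, 4096, 100)); return 0; }
```

In this model the reader gets no indication that bytes were dropped; the loss only becomes visible through the counter kept on the writer side.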
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:10 PDT