Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: PF OpenBSD Network Monitoring
Operating Systems BSD PF OpenBSD Network Monitoring Post 302962232 by amithad on Thursday 10th of December 2015 05:09:23 AM
Old 12-10-2015
Data PF OpenBSD Network Monitoring
Hi,

Though I have some Linux background I'm new to BSD. Currently I'm administering an OpenBSD 5.3 firewall which based on PF.

I want to view my LAN's top talkers to the internet. If it is a graphical method that's better but I like to know whether it is possible through a command like pfctl. A help is greatly appreciated.

ThanksSmilie
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Network monitoring

Is there any way to check up the TCP/Ip port connectivity( healthiness ) without using ping or icmp calls ? (2 Replies)
Discussion started by: vikasdeshmukh
2 Replies

2. IP Networking

OpenBSD + Network +ifconfig

This feels really silly, but i just dont get it.. I just installed openbsd on one of my machines, usually i dont have this problem, but now, when i try to use ifconfig to give myself an ipadress, i get this errormsg: OpenAMD# ifconfig ep0 192.168.51.16 ifconfig: SIOCGIFFLAGS: Device not... (5 Replies)
Discussion started by: CopyWrong
5 Replies

3. UNIX for Dummies Questions & Answers

network monitoring software

hi can i know if there is any GUI interface software to help in monitoring the network of the servers i have? something like a web pages or a stock pages when a processes is down, a red colour is flashes. best if it is free ;) (1 Reply)
Discussion started by: legato
1 Replies

4. HP-UX

Monitoring traffic in the network

I Colleagues, Somebody can say me how to monitoring traffic in the network. also I am interested in monitoring memory. if somebody to know a guide with command advanced in unix welcome for me. Thank you for adcanced. (0 Replies)
Discussion started by: systemoper
0 Replies

5. UNIX for Advanced & Expert Users

network configuration on openbsd

Hi all, I got following configuration problem I need to configure tiny network on openbsd I got server1 with 3 interfaces vic0 em0 em1 The interface vic0 on server1 has follwoing IP 172.16.1.1 em0 firstly I would like to configure network under em0 (I have assigned to em0 following... (1 Reply)
Discussion started by: kvok
1 Replies

6. Shell Programming and Scripting

Network Monitoring

My Office Hours between 10 A.M to 5 P.M .I am managing 16 client PCs which is remotely placed. I want to know the network status of every client PCs.I need an automatic trigger mail ,when the network connection is lost in any one of the Client PCs during office hours.I am a self study learner.I... (9 Replies)
Discussion started by: kannansoft1985
9 Replies

7. Infrastructure Monitoring

Monitoring Top Talkers PF OpenBSD

Hi, Though I have some Linux background I'm new to BSD. Currently I'm administering an OpenBSD 5.3 firewall which based on PF. I want to view my top talkers to the internet. If it is a graphical one that's better but I like to know whether it is possible through a command like pfctl a help... (1 Reply)
Discussion started by: amithad
1 Replies

LEARN ABOUT FREEBSD

blackhole

BLACKHOLE(4)						   BSD Kernel Interfaces Manual 					      BLACKHOLE(4)

NAME

     blackhole -- a sysctl(8) MIB for manipulating behaviour in respect of refused TCP or UDP connection attempts

SYNOPSIS

     sysctl net.inet.tcp.blackhole[=[0 | 1 | 2]]
     sysctl net.inet.udp.blackhole[=[0 | 1]]

DESCRIPTION

     The blackhole sysctl(8) MIB is used to control system behaviour when connection requests are received on TCP or UDP ports where there is no
     socket listening.

     Normal behaviour, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a
     RST segment, and drop the connection.  The connecting system will see this as a ``Connection refused''.  By setting the TCP blackhole MIB to
     a numeric value of one, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole.  By setting
     the MIB value to two, any segment arriving on a closed port is dropped without returning a RST.  This provides some degree of protection
     against stealth port scans.

     In the UDP instance, enabling blackhole behaviour turns off the sending of an ICMP port unreachable message in response to a UDP datagram
     which arrives on a port where there is no socket listening.  It must be noted that this behaviour will prevent remote systems from running
     traceroute(8) to a system.

     The blackhole behaviour is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system.
     It could potentially also slow down someone who is attempting a denial of service attack.

WARNING

     The TCP and UDP blackhole features should not be regarded as a replacement for firewall solutions.  Better security would consist of the
     blackhole sysctl(8) MIB used in conjunction with one of the available firewall packages.

     This mechanism is not a substitute for securing a system.	It should be used together with other security mechanisms.

SEE ALSO

     ip(4), tcp(4), udp(4), ipf(8), ipfw(8), pfctl(8), sysctl(8)

HISTORY

     The TCP and UDP blackhole MIBs first appeared in FreeBSD 4.0.

AUTHORS

     Geoffrey M. Rehmet

BSD
								  January 1, 2007							       BSD
All times are GMT -4. The time now is 08:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy