From: [-=DJKR=-] <djk...@ya...> - 2020-05-22 15:03:29

Hello,

When I try to launch daemonlogger with the pid path and filename attribute I cannot see the pid file generated. It also seems the pid file is not generated in the default location if the pid path and filename attribute are not provided.

    ./daemonlogger -l /var/log/ -p Daemonloggertest -P /var/log/
    [-] Logpath set to /var/log/
    [-] Log filename set to "daemonlogger"
    [-] Pidfile configured to "Daemonloggertest"
    [-] Pidpath configured to "/var/log/"
    [-] Rollover size set to 2147483648 bytes
    [-] Pruning behavior set to oldest IN DIRECTORY

    -*> DaemonLogger <*-
    Version 1.2.1
    By Martin Roesch
    (C) Copyright 2006-2014 Cisco Systems Inc., All rights reserved

    Checking partition stats for log directory "/var/log//."
    sniffing on interface eth0
    Logging packets to /var/log//daemonlogger.1590158436.pcap
    ^CQuitting!

Regards

From: <we...@ma...> - 2019-07-28 03:28:31

Hello!

I started using daemonlogger [DL] on some machine, mirroring all accepted traffic (per filter) to disk for later security analysis (keep two days).

What is really ugly is that DL always switches the NIC into promiscuous mode. This is bad for many reasons, not only that you might be "recognized" as a spy in the ISP's network.

From my point of view, a simple command-line switch would change this, like "-p" for tcpdump (and available for other tools too, like pmacct).

Thanks so far,
Manfred

From: Marty R. (maroesch) <mar...@ci...> - 2016-06-28 19:32:16

Hi Sanjay,

I'll have to take a look more deeply but it appears (and I recall) that if the input and output link types aren't the same then tap mode doesn't work well or at all. There should probably be some error checking code in there to make sure they are the same. The problem is that if the link types don't match you need to rewrite the link layer header and that doesn't work so well if you try to do raw socket output to an interface that doesn't have the same protocol format.

Marty

--
Martin Roesch - mar...@ci...
VP/Chief Architect, Security Business Group
Intelligent Cybersecurity for the Real World

On 6/23/16, 10:42 AM, "Sanjay Patel" <sk...@sm...> wrote:

>I have all traffic mapping to tun0 but when I run tcpdump against tap0 I
>don't see anything, if I run it against eth0 I see traffic flowing.
>
>Sanjay
>
>Sent from my iPhone

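The link-type mismatch described in the reply above, as a pre-flight check an operator could run before starting tap mode. This is an added example, not daemonlogger code and not something posted to the list. It assumes Linux sysfs and uses the kernel's ARPHRD hardware type (from which libpcap derives its link-layer type) as the comparison; `SYSFS_NET`, `iface_type` and `check_linktypes` are hypothetical names.

```shell
#!/bin/sh
# Added example: refuse to bridge two interfaces whose link types differ.
# Linux exposes each interface's hardware (ARPHRD) type in sysfs, e.g.
#   1 = Ethernet (eth0, tap0), 65534 = none / raw IP (tun0), 772 = loopback.

# SYSFS_NET is a hypothetical override so the check can be pointed at a test tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print the ARPHRD type of interface $1; return 2 if it cannot be read.
iface_type() {
    case "$1" in
        ''|*/*|.|..) return 2 ;;          # reject empty names and path tricks
    esac
    [ -r "$SYSFS_NET/$1/type" ] || return 2
    t=$(cat "$SYSFS_NET/$1/type") || return 2
    case "$t" in
        ''|*[!0-9]*) return 2 ;;          # expect a plain decimal number
    esac
    printf '%s\n' "$t"
}

# Return 0 if input ($1) and output ($2) share a link type,
# 1 on mismatch, 2 if either interface cannot be inspected.
check_linktypes() {
    in_t=$(iface_type "$1") || { echo "cannot read link type of '$1'" >&2; return 2; }
    out_t=$(iface_type "$2") || { echo "cannot read link type of '$2'" >&2; return 2; }
    if [ "$in_t" != "$out_t" ]; then
        echo "link type mismatch: $1=$in_t $2=$out_t (link-layer header would need rewriting)" >&2
        return 1
    fi
    return 0
}
```

With the interfaces named in this thread, `check_linktypes eth0 tun0` would be expected to fail on a typical Linux host, since tun devices carry raw IP with no Ethernet header, while `check_linktypes eth0 tap0` would pass.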
From: Sanjay P. <sk...@sm...> - 2016-06-23 14:58:11

I have all traffic mapping to tun0 but when I run tcpdump against tap0 I don't see anything, if I run it against eth0 I see traffic flowing.

Sanjay

Sent from my iPhone