The ipfwpcap utility is used to copy diverted packets to a file in tcpdump(1) format. The interesting packets are diverted by ipfw(8) to a port on which ipfwpcap listens. The packets are then dropped unless -r is used.
Indicates that it is okay to quit if maxbytes or maxpkts are reached. Diverted packets will silently disappear if nothing is listening on the divert(4) socket.
-b maxbytes
Stop dumping after maxbytes bytes.
-p maxpkts
Stop dumping after maxpkts packets.
-P pidfile
File to store PID number in. Default is /var/run/ipfwpcap.portnr.pid.
The portnum argument specifies which divert(4) socket port to listen on.
The dumpfile argument is the path to the file to write captured packets to. Specify `-' to write to stdout.
EXIT STATUS
The ipfwpcap utility exits 0 on success, and >0 if an error occurs.
EXAMPLES
"ipfwpcap -r 8091 divt.log &"
Starts ipfwpcap as a background job listening to port 8091 and reflecting the packets back to the socket.
"ipfw add 2864 divert 8091 ip from 192.0.2.101"
Example ipfw(8) rule to divert all packets from 192.0.2.101 to port 8091. See ipfw(8) for details.
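To confirm that a divert rule captured only the intended traffic, the dump file can be read back and tallied by source address. The following is an added example, not part of the original manual page or of ipfwpcap: it parses a classic pcap file and counts packets per IPv4 source. It assumes the dump uses a raw-IP link type (divert(4) delivers IP packets with no link-layer header); the function names and the sample capture are constructed for illustration.

```python
import io
import socket
import struct
from collections import Counter

RAW_IP = {12, 101}  # assumption: dump uses DLT_RAW / LINKTYPE_RAW (no link header)


def read_pcap(stream):
    """Yield the raw bytes of each packet record in a classic pcap stream."""
    header = stream.read(24)
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(header[:4])
    if len(header) != 24 or endian is None:
        raise ValueError("not a complete classic pcap file header")
    (linktype,) = struct.unpack(endian + "I", header[20:24])
    if linktype not in RAW_IP:
        raise ValueError(f"unexpected link type {linktype}")
    while rec := stream.read(16):
        if len(rec) != 16:  # e.g. the capture process was killed mid-write
            raise ValueError("truncated record header")
        _sec, _usec, incl_len, _orig_len = struct.unpack(endian + "4I", rec)
        data = stream.read(incl_len)
        if len(data) != incl_len:
            raise ValueError("truncated packet record")
        yield data


def sources(stream):
    """Count captured packets per IPv4 source address."""
    counts = Counter()
    for pkt in read_pcap(stream):
        if len(pkt) >= 20 and pkt[0] >> 4 == 4:
            counts[socket.inet_ntoa(pkt[12:16])] += 1  # bytes 12..15: source
        else:
            counts["non-ipv4"] += 1
    return counts


def sample_capture():
    """Constructed capture: two packets from 192.0.2.101, one from 198.51.100.7."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 101)
    for n, src in enumerate(["192.0.2.101", "198.51.100.7", "192.0.2.101"]):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, n, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton("203.0.113.5"))
        out += struct.pack("<IIII", 1700000000 + n, 0, len(ip), len(ip)) + ip
    return io.BytesIO(out)


if __name__ == "__main__":
    print(sources(sample_capture()))
```

Any source other than the address named in the divert rule, such as 198.51.100.7 in the constructed sample, means the rule matches more traffic than intended.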