-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi,
i'm using BSM auditing on 7.2-RELEASE to log network connections. i enabled 'nt' in audit_control: flags:lo,ad,+ex,na,+nt when examining the audit log with praudit, i see records for connect() calls: header,68,10,connect(2),0,Sat May 9 16:00:00 2009, + 560 msec subject,rriver,root,wheel,root,wheel,43709,835,15007,255.255.255.255 return,success,0 trailer,68 however, i don't see that the destination (or source) address is logged anywhere. i don't really see the point of auditing network activity without this information--is this a missing feature, or have i misconfigured something? thanks, river. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (HP-UX) iEYEARECAAYFAkoFvg0ACgkQIXd7fCuc5vKRFACeJaVKeRBe9OUyPU/j9HrfBVMw XYQAoIR7CAb/SqujCg1QIFUoVRFhyGnD =M1bm -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
