Display Filter Reference: OpenBSD Packet Filter log file

Protocol field name: pflog

Versions: 1.0.0 to 3.2.5

Back to Display Filter Reference

Field name Description Type Versions
pflog.daddr Destination Address IPv4 address 1.8.0 to 2.0.16
pflog.daddr.bytes Destination Address Sequence of bytes 2.2.0 to 3.2.5
pflog.daddr.ipv4 Destination Address IPv4 address 2.2.0 to 3.2.5
pflog.daddr.ipv6 Destination Address IPv6 address 2.2.0 to 3.2.5
pflog.dport Destination Port Unsigned integer, 2 bytes 1.8.0 to 3.2.5
pflog.invalid_header_length Invalid header length Label 1.12.0 to 3.2.5
pflog.length Header Length Unsigned integer, 1 byte 1.0.0 to 3.2.5
pflog.pad Padding Sequence of bytes 1.8.0 to 3.2.5
pflog.pid PID Signed integer, 4 bytes 1.8.0 to 3.2.5
pflog.rewritten Rewritten Unsigned integer, 1 byte 1.8.0 to 3.2.5
pflog.rule_pid Rule PID Signed integer, 4 bytes 1.8.0 to 3.2.5
pflog.rule_uid Rule UID Signed integer, 4 bytes 1.8.0 to 3.2.5
pflog.rulenr Rule Number Signed integer, 4 bytes 1.0.0 to 3.2.5
pflog.ruleset Ruleset Character string 1.0.0 to 3.2.5
pflog.saddr Source Address IPv4 address 1.8.0 to 2.0.16
pflog.saddr.bytes Source Address Sequence of bytes 2.2.0 to 3.2.5
pflog.saddr.ipv4 Source Address IPv4 address 2.2.0 to 3.2.5
pflog.saddr.ipv6 Source Address IPv6 address 2.2.0 to 3.2.5
pflog.sport Source Port Unsigned integer, 2 bytes 1.8.0 to 3.2.5
pflog.subrulenr Sub Rule Number Signed integer, 4 bytes 1.0.0 to 3.2.5
pflog.uid UID Signed integer, 4 bytes 1.8.0 to 3.2.5
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ AppResponse 11
  • • Full stack analysis – from packets to pages
  • • Rich performance metrics & pre-defined insights for fast problem identification/resolution
  • • Modular, flexible solution for deeply-analyzing network & application performance
Learn More