Display Filter Reference: OpenBSD Packet Filter log file
Protocol field name: pflog
Versions: 1.0.0 to 2.6.3
Back to Display Filter Reference
| Field name | Description | Type | Versions |
|---|---|---|---|
| pflog.daddr | Destination Address | IPv4 address | 1.8.0 to 2.0.16 |
| pflog.daddr.bytes | Destination Address | Sequence of bytes | 2.2.0 to 2.6.3 |
| pflog.daddr.ipv4 | Destination Address | IPv4 address | 2.2.0 to 2.6.3 |
| pflog.daddr.ipv6 | Destination Address | IPv6 address | 2.2.0 to 2.6.3 |
| pflog.dport | Destination Port | Unsigned integer, 2 bytes | 1.8.0 to 2.6.3 |
| pflog.invalid_header_length | Invalid header length | Label | 1.12.0 to 2.6.3 |
| pflog.length | Header Length | Unsigned integer, 1 byte | 1.0.0 to 2.6.3 |
| pflog.pad | Padding | Sequence of bytes | 1.8.0 to 2.6.3 |
| pflog.pid | PID | Signed integer, 4 bytes | 1.8.0 to 2.6.3 |
| pflog.rewritten | Rewritten | Unsigned integer, 1 byte | 1.8.0 to 2.6.3 |
| pflog.rule_pid | Rule PID | Signed integer, 4 bytes | 1.8.0 to 2.6.3 |
| pflog.rule_uid | Rule UID | Signed integer, 4 bytes | 1.8.0 to 2.6.3 |
| pflog.rulenr | Rule Number | Signed integer, 4 bytes | 1.0.0 to 2.6.3 |
| pflog.ruleset | Ruleset | Character string | 1.0.0 to 2.6.3 |
| pflog.saddr | Source Address | IPv4 address | 1.8.0 to 2.0.16 |
| pflog.saddr.bytes | Source Address | Sequence of bytes | 2.2.0 to 2.6.3 |
| pflog.saddr.ipv4 | Source Address | IPv4 address | 2.2.0 to 2.6.3 |
| pflog.saddr.ipv6 | Source Address | IPv6 address | 2.2.0 to 2.6.3 |
| pflog.sport | Source Port | Unsigned integer, 2 bytes | 1.8.0 to 2.6.3 |
| pflog.subrulenr | Sub Rule Number | Signed integer, 4 bytes | 1.0.0 to 2.6.3 |
| pflog.uid | UID | Signed integer, 4 bytes | 1.8.0 to 2.6.3 |
Go Beyond with Riverbed Technology
I have a lot of traffic...
ANSWER: SteelCentral™ Packet Analyzer PE
- • Visually rich, powerful LAN analyzer
- • Quickly access very large pcap files
- • Professional, customizable reports
- • Advanced triggers and alerts
No, really, I have a LOT of traffic…
ANSWER: SteelCentral™ AppResponse 11
- • Full stack analysis – from packets to pages
- • Rich performance metrics & pre-defined insights for fast problem identification/resolution
- • Modular, flexible solution for deeply-analyzing network & application performance