Display Filter Reference: OpenBSD Packet Filter log file

Protocol field name: pflog

Versions: 1.0.0 to 2.2.7

Back to Display Filter Reference

Field name Description Type Versions
pflog.daddr Destination Address IPv4 address 1.8.0 to 2.0.13
pflog.daddr.bytes Destination Address Sequence of bytes 2.2.0 to 2.2.7
pflog.daddr.ipv4 Destination Address IPv4 address 2.2.0 to 2.2.7
pflog.daddr.ipv6 Destination Address IPv6 address 2.2.0 to 2.2.7
pflog.dport Destination Port Unsigned integer, 2 bytes 1.8.0 to 2.2.7
pflog.invalid_header_length Expert Info Label 1.12.0 to 2.2.7
pflog.length Header Length Unsigned integer, 1 byte 1.0.0 to 2.2.7
pflog.pad Padding Sequence of bytes 1.8.0 to 2.2.7
pflog.pid PID Signed integer, 4 bytes 1.8.0 to 2.2.7
pflog.rewritten Rewritten Unsigned integer, 1 byte 1.8.0 to 2.2.7
pflog.rule_pid Rule PID Signed integer, 4 bytes 1.8.0 to 2.2.7
pflog.rule_uid Rule UID Signed integer, 4 bytes 1.8.0 to 2.2.7
pflog.rulenr Rule Number Signed integer, 4 bytes 1.0.0 to 2.2.7
pflog.ruleset Ruleset Character string 1.0.0 to 2.2.7
pflog.saddr Source Address IPv4 address 1.8.0 to 2.0.13
pflog.saddr.bytes Source Address Sequence of bytes 2.2.0 to 2.2.7
pflog.saddr.ipv4 Source Address IPv4 address 2.2.0 to 2.2.7
pflog.saddr.ipv6 Source Address IPv6 address 2.2.0 to 2.2.7
pflog.sport Source Port Unsigned integer, 2 bytes 1.8.0 to 2.2.7
pflog.subrulenr Sub Rule Number Signed integer, 4 bytes 1.0.0 to 2.2.7
pflog.uid UID Signed integer, 4 bytes 1.8.0 to 2.2.7
Go Beyond with Riverbed Technology

Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products that fully integrate with Wireshark.

I have a lot of traffic...

ANSWER: SteelCentral™ Packet Analyzer PE
  • • Visually rich, powerful LAN analyzer
  • • Quickly access very large pcap files
  • • Professional, customizable reports
  • • Advanced triggers and alerts
  • • Fully integrated with Wireshark and AirPcap™
Learn More

Buy Now

No, really, I have a LOT of traffic…

ANSWER: SteelCentral™ NetShark appliance
  • • Troubleshoot problems faster
  • • Quickly identify the applications running on your network
  • • Monitor your virtual machine traffic
Learn More

I need to capture wireless traffic...

ANSWER: AirPcap™ 802.11 Packet Capture
  • • WLAN packet capture and transmission
  • • Full 802.11 a/b/g/n support
  • • View management, control and data frames
  • • Multi-channel aggregation (with multiple adapters)
Learn More Buy Now