From owner-freebsd-pf@FreeBSD.ORG Mon Oct 4 09:28:10 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 72D9A16A4CE for ; Mon, 4 Oct 2004 09:28:10 +0000 (GMT) Received: from ns.kt-is.co.kr (ns.kt-is.co.kr [211.218.149.125]) by mx1.FreeBSD.org (Postfix) with ESMTP id D064843D45 for ; Mon, 4 Oct 2004 09:28:09 +0000 (GMT) (envelope-from yongari@kt-is.co.kr) Received: from michelle.kt-is.co.kr (ns2.kt-is.co.kr [220.76.118.193]) (authenticated bits=128) by ns.kt-is.co.kr (8.12.10/8.12.10) with ESMTP id i949R0Ah053994 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 4 Oct 2004 18:27:00 +0900 (KST) Received: from michelle.kt-is.co.kr (localhost.kt-is.co.kr [127.0.0.1]) by michelle.kt-is.co.kr (8.12.10/8.12.10) with ESMTP id i949S4AL001948 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 4 Oct 2004 18:28:04 +0900 (KST) (envelope-from yongari@kt-is.co.kr) Received: (from yongari@localhost) by michelle.kt-is.co.kr (8.12.10/8.12.10/Submit) id i949S3Hn001947; Mon, 4 Oct 2004 18:28:03 +0900 (KST) (envelope-from yongari@kt-is.co.kr) Date: Mon, 4 Oct 2004 18:28:03 +0900 From: Pyun YongHyeon To: Max Laier Message-ID: <20041004092803.GA1674@kt-is.co.kr> References: <20041004074553.GB1226@kt-is.co.kr> <200410041104.51591.max@love2party.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200410041104.51591.max@love2party.net> User-Agent: Mutt/1.4.1i X-Filter-Version: 1.11a (ns.kt-is.co.kr) cc: freebsd-pf@freebsd.org Subject: Re: Shutting down pflogd gracefully X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: yongari@kt-is.co.kr List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Oct 2004 09:28:10 -0000 On Mon, Oct 04, 2004 at 11:04:44AM +0200, Max Laier wrote: > On Monday 04 October 2004 09:45, Pyun YongHyeon wrote: > > Hi, > > > > When pf module is unloaded prior to termination of pflogd(8), > > pflogd(8) takes up all available CPU cycles. This patch tries > > to address the long standing issue. Comments? > > Yeah ... go for it, please. Make sure to MT5 it as well. > yes, I'd like to but my local cvs server has some problems in it.(disk I/O error) I guess I can't commit it until new disk is available.(may be next week or end of this week) I'd like to avoid direct checkout with the official repository as it is recommended by committer's guide. > > --- contrib/pf/pflogd/pflogd.c.orig Wed Sep 1 03:04:34 2004 > > +++ contrib/pf/pflogd/pflogd.c Mon Oct 4 16:18:51 2004 > > @@ -656,8 +656,13 @@ > > while (1) { > > np = pcap_dispatch(hpcap, PCAP_NUM_PKTS, > > dump_packet, (u_char *)dpcap); > > - if (np < 0) > > + if (np < 0) { > > logmsg(LOG_NOTICE, "%s", pcap_geterr(hpcap)); > > +#ifdef __FreeBSD__ > > + /* check errno == ENXIO? */ > > + break; > > Anything we should clean up here, or is appropriate cleanup code below the > daemon-loop? > Hmm, I can't sure. I can't think any other error code except ENXIO when pflog device was destroyed. And normal cleanup code seems to be ok. > > +#endif > > + } > > > > if (gotsig_close) > > break; > > > > While fixing the issue, I noticed log messages via syslog is not > > gernerated. But in debugging mode(-D) outputting to stderr worked > > ok.(Killing pflogd with kill doesn't generate "Exiting" message.) > > Any ideas? > > We don't have a "daemon.*" facility in the FreeBSD syslog.conf by default. It > seems to be consensus (for some reason) to not add it by default. At least a > commit doing this has been backed out again (7 years ago). If you want the > pflogd(8) messages stored, you have to add something like: > > daemon.* /var/log/daemon > > to your /etc/syslog.conf ... not sure if there is a better way at this point. > So I had to add the following lines in syslog.conf. !pflogd *.* /var/log/pflogd.log As I said this doesn't generate any log when pflog exits. Thanks. -- Pyun YongHyeon