Date: Thu, 24 Jul 2008 19:47:56 +0300 From: "Ivan Petrushev" <ivanatora@gmail.com> To: FreeBSD <freebsd@optiksecurite.com> Cc: freebsd-pf@freebsd.org Subject: Re: Why this rule doesn't score a match? Message-ID: <d39744a20807240947i51b58978kbfe7929cde63f2ff@mail.gmail.com> In-Reply-To: <488889EA.8000306@optiksecurite.com> References: <d39744a20807231025w42fc4a99ha1e99be5fd5c76b0@mail.gmail.com> <48876DAD.9080100@optiksecurite.com> <d39744a20807231127u11df822rc2022a70b1a1af3e@mail.gmail.com> <d39744a20807231128j6641996i95ee8fec03053b6e@mail.gmail.com> <488780A6.4010807@radel.com> <d39744a20807231221u11709fd0n434f05e57259375c@mail.gmail.com> <48879B35.1060905@gibfest.dk> <d39744a20807240557g2ceae355ka21e852d10ccc050@mail.gmail.com> <488889EA.8000306@optiksecurite.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Omg, silly me... Thaks! On Thu, Jul 24, 2008 at 4:55 PM, FreeBSD <freebsd@optiksecurite.com> wrote: > Ivan Petrushev a =E9crit : >> >> Hello Thomas, >> I'm recieving an error: >> # ifconfig plog1 create >> ifconfig: SIOCIFCREATE2: Invalid argument >> >> and I can't see anything in 'man ifconfig' related to the pflog device. >> >> > > I think it's just a typo: you forgot the 'f' in pflog1...;) > > Martin > >> Regards, Ivan >> >> On Wed, Jul 23, 2008 at 11:57 PM, Thomas Rasmussen <thomas@gibfest.dk> >> wrote: >> >>> >>> Ivan Petrushev wrote: >>> >>>> >>>> Hi Jon, >>>> Aaahhh, I see now - these FROM rules must be TO rules :D >>>> Thank you both for your replies. >>>> >>>> I'm going to monitor the outbond connections as well, but I think I >>>> will be OK then. This was the little stone in the shoe. >>>> I've already managed to let ICMP trough that 'block all' ;) >>>> >>>> Btw, I like the way pflog is working - deploying tcpdump on pflog0 and >>>> track down the logged packets. Is there a way to create another pflog >>>> device and use it for some different rules? I've seen there is an >>>> option to the 'log' keyword - (to pflogX), but I didn't managed to >>>> find out how to create more pflog devices. >>>> >>>> Regards, >>>> Ivan. >>>> >>>> >>> >>> Hello, >>> >>> To create another pflog interface do: >>> ifconfig pflog1 create >>> >>> And to create it at boot time add: >>> cloned_interfaces=3D"pflog1" >>> to /etc/rc.conf >>> >>> Regards >>> >>> Thomas >>> _______________________________________________ >>> freebsd-pf@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >>> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >>> >>> >> >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d39744a20807240947i51b58978kbfe7929cde63f2ff>