Date: Thu, 16 Sep 2004 10:15:50 -0500 From: "Thomas T. Veldhouse" <veldy@veldy.net> To: Hugo Silva <klr@6s-gaming.com> Cc: freebsd-pf@freebsd.org Subject: Re: pf not logging on 5.3-BETA3 ? Message-ID: <4149AE26.6010103@veldy.net> In-Reply-To: <58653.81.84.174.8.1095267239.squirrel@81.84.174.8> References: <58653.81.84.174.8.1095267239.squirrel@81.84.174.8>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig71FA638E852ACE97CC73DEEA Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hugo Silva wrote: >Hi, > >I can't make pf log to a logfile on the 5.3-BETA3. I didn't have any >problems with this on 5.2.1-RELEASE-p9 using the port.. > >I can access pflog0 and there I will see entries that are matching the >blocks, but I can't tail /var/log/pflog (empty). > >I've added device pf, pfsync, pflog to the kernel, and have the following >on rc.conf: > >pf_enable="YES" >pf_logd="YES" >pflog_logfile="/var/log/pflog" >pf_rules="/etc/pf.conf" > >The ruleset won't load automatically either (I think it should be >pf_conf=, but /etc/defaults/rc.conf shows pf_rules ...). pflogd won't >start, if I start it by hand it won't work either (starts, exits)... > >The /var/log/pflog file is there, owned root:wheel. But no entries are >being added to the log. If I try to see it like: > >[root@evilreborn:/usr/src/sys/i386/conf]# pflog >tcpdump: WARNING: pflog0: no IPv4 address assigned >tcpdump: verbose output suppressed, use -v or -vv for full protocol decode >listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 >bytes > >it works (btw, i had to ifconfig pflog0 up or it wouldn't work, this is dumb) > >But it won't write the blocked/logged entries to the logfile. Am I missing >something obvious here? > > > I am seeing these same issue. PF is working just fine, but /var/log/pflog is only 24 bytes long and full of garbage. FreeBSD fuggle.veldy.net 5.3-BETA4 FreeBSD 5.3-BETA4 #1: Tue Sep 14 22:08:40 CDT 2004 veldy@fuggle.veldy.net:/usr/src/sys/i386/compile/FUGGLE i386 Tom Veldhouse --------------enig71FA638E852ACE97CC73DEEA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBSa4pARgTFXYf0wARAg1UAJsFLZEZAhJk3sY2iDwUNiOA3XjF0QCeKE4q 7WNZwjdOSgp5+lB/aCN9e04= =8QE4 -----END PGP SIGNATURE----- --------------enig71FA638E852ACE97CC73DEEA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4149AE26.6010103>