From owner-freebsd-pf@FreeBSD.ORG Mon Mar 19 14:52:10 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D4A4116A406 for ; Mon, 19 Mar 2007 14:52:10 +0000 (UTC) (envelope-from Greg.Hennessy@nviz.net) Received: from smtp.nildram.co.uk (smtp.nildram.co.uk [195.149.33.74]) by mx1.freebsd.org (Postfix) with ESMTP id A181913C457 for ; Mon, 19 Mar 2007 14:52:10 +0000 (UTC) (envelope-from Greg.Hennessy@nviz.net) Received: from gw2.local.net (unknown [62.3.210.251]) by smtp.nildram.co.uk (Postfix) with ESMTP id 359A54C768 for ; Mon, 19 Mar 2007 14:52:07 +0000 (GMT) From: "Greg Hennessy" To: "'Eric'" , References: <45FE919B.7040208@mikestammer.com> In-Reply-To: <45FE919B.7040208@mikestammer.com> Date: Mon, 19 Mar 2007 14:52:00 -0000 Message-ID: <001d01c76a36$26216710$72643530$@Hennessy@nviz.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcdqM2HMtSkoq44STsS5y4PFbKDAtwAApAYA Content-Language: en-gb X-Antivirus: avast! (VPS 000725-0, 19/03/2007), Outbound message X-Antivirus-Status: Clean Cc: Subject: RE: pf logging differences X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2007 14:52:10 -0000 > > Why is the first host producing more detailed logs? why isnt pf showing > the port that was blocked or anything else like it does in the first > host? Is there a way to make the ng0 interface log more or is this due > to the netgraph hooks into pf? At a rough guess, you've not got IPV6 compiled into the 2nd system, if not tcpdump defaults to a snaplen of 64 rather than 96 bytes. Greg