Message-ID: <44EDB200.5020006@2012.vi>
Date: Thu, 24 Aug 2006 10:04:48 -0400
From: beno
To: freebsd-pf@freebsd.org
Subject: Last Two Questions (I Think...)
List-Id: "Technical discussion and general questions about packet filter \(pf\)"

Thank you very much for all your help! Here is the first problem. It's a continuation of a problem we "fixed" earlier (nor did I change anything after we got it working the first time):

shinjiru_ip_addresses="202.71.102.114 202.71.100.126 202.71.106.30 202.71.106.118 202.71.106.188 203.142.1.8"
directv_ip_addresses="{ 69.19.0.0/17 }"
shadday_ip_addresses="{ 200.88.64/23 200.88.66/23 200.88.80/20 200.88.96/20 200.88.112/22 200.88.118/23 200.88.120/21 }"
ssh_ip_addresses= $shinjiru_ip_addresses $directv_ip_addresses $shadday_ip_addresses

The parser won't parse the last line. It won't let me include either of the last two macros. This happened before I added the addresses to the latter (shadday) but is compounded by the same.

The second problem has to do with logs. For example, this works:

pass in quick inet proto tcp from any to $web_server port { $tcp_ports } flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, overload flush global)

but this does not work:

pass in quick log (all) inet proto tcp from any to $web_server port { $tcp_ports } flags S/SA keep state \
    (max-src-conn 100, max-src-conn-rate 15/5, overload flush global)

How do I turn on logging? Also, can someone give me good pointers as to what I should log? Being inexperienced, I'm apt to log everything in sight :/

TIA,
beno