Date:      Fri, 27 Jan 2017 19:44:03 -0300
From:      Mario Lobo <lobo@bsd.com.br>
To:        Stari Karp <starikarp@yandex.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: pf log
Message-ID:  <20170127194403.6f9b41cc@Papi>
In-Reply-To: <1485545547.5165.1.camel@yandex.com>
References:  <1485539914.4837.6.camel@yandex.com> <a0d0904b-20c1-f4d7-4497-f96934b1cf7f@gmail.com> <1485545547.5165.1.camel@yandex.com>

On Fri, 27 Jan 2017 14:32:27 -0500
Stari Karp <starikarp@yandex.com> wrote:

> On Fri, 2017-01-27 at 12:35 -0600, Noel wrote:
> > On 1/27/2017 11:58 AM, Stari Karp wrote:
> > >
> > > Hi!
> > >
> > > I am using pf firewall on FreeBSD 11.0-RELEASE (amd64). In
> > > /etc/rc.conf
> > > I have:
> > >
> > > pf_enable="YES"
> > > pflog_enable="YES"
> > >
> > > I made a new pf.conf on January 8th and in /var/log I have pflog
> > > and after that nothing more. The file has just
> > > "Ôò¡............t...u..."
> > >
> > > Is it normal or is something wrong, please?
> > >
> >
> > That's normal.  The pflog is a binary log (not human readable) you
> > can read with tcpdump.  See the handbook for details.
> >
> >
> >
> tcpdump -v -r /var/log/pflog
> reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog
> file).
>
> I have nothing in log as I update 10.3 release to FreeBSD-11.0-RELEASE
>
> I forgot to say that I use FreeBSD as a desktop.
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"

From "man pflog"

EXAMPLES
     Create a pflog interface and monitor all packets logged on it:

           # ifconfig pflog1 up
           # tcpdump -n -e -ttt -i pflog1

-- 
Mario Lobo
http://www.mallavoodoo.com.br
FreeBSD since 2.2.8 [not Pro-Audio.... YET!!]

"UNIX was not designed to stop you from doing stupid things,
because that would also stop you from doing clever things."
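
Added example, not part of the original message: the characters quoted in the question are consistent with a bare 24-byte pcap global header (magic d4 c3 b2 a1, then 't' = snaplen 116 and 'u' = link type 117, PFLOG), so this Python code parses that header and counts the packet records that follow it. The function name `inspect_pflog` and both sample byte strings are constructed for illustration.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4  # stored little-endian as d4 c3 b2 a1 ("Ôò¡" in a text viewer)
DLT_PFLOG = 117          # pcap link type of pflog files; byte 0x75 is ASCII 'u'


def inspect_pflog(data: bytes) -> dict:
    """Parse a classic pcap image and count complete packet records."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte pcap global header")
    for endian in ("<", ">"):  # the magic number tells us the byte order
        if struct.unpack(endian + "I", data[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic pcap file")
    major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    packets, offset = 0, 24
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_usec, captured length, original length.
        caplen = struct.unpack(endian + "IIII", data[offset:offset + 16])[2]
        if offset + 16 + caplen > len(data):
            break  # partial trailing record, e.g. file still being written
        packets += 1
        offset += 16 + caplen
    return {
        "version": (major, minor),
        "snaplen": snaplen,
        "is_pflog": linktype == DLT_PFLOG,
        "packets": packets,
        "trailing_bytes": len(data) - offset,
    }


# Constructed sample: the header bytes implied by the text in the question
# (snaplen 0x74 = 't', link type 0x75 = 'u'), with no packet records after it.
HEADER_ONLY = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 116, DLT_PFLOG)
# Constructed sample: the same header followed by one 8-byte dummy record.
ONE_RECORD = HEADER_ONLY + struct.pack("<IIII", 0, 0, 8, 8) + bytes(8)

if __name__ == "__main__":
    for name, blob in (("header only", HEADER_ONLY), ("one record", ONE_RECORD)):
        print(name, inspect_pflog(blob))
    # On a real system (path taken from the thread):
    #   print(inspect_pflog(open("/var/log/pflog", "rb").read()))
```

A result with `packets` equal to 0 means the file holds only the capture header; pf writes packet records to pflog only for rules that carry the `log` keyword.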
