From owner-freebsd-questions@freebsd.org Fri Jan 27 23:09:25 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5B2F4CC4902 for ; Fri, 27 Jan 2017 23:09:25 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 161DD17CF for ; Fri, 27 Jan 2017 23:09:25 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: by mail-qk0-x22c.google.com with SMTP id s140so78470467qke.0 for ; Fri, 27 Jan 2017 15:09:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=WUY1lEz1Yo2ZOvU2O9Cl0W7Ac/eJE6BB+6uavjbjOEY=; b=CNX+ztZraZyHTgVb1hRyU8V5ShBZMcmk094Rk6fbIQChGHmKCo5CxUKQyL6jSG3yhE g8vEqqqI8WMq3DwUkQU2HgmbV98oNj0FeJBbVDBcRGBxkKbBU9DKqJJJIr50pMgOjXEN HER6gMmAYryRAd7+OlyK6T3oTCq/ddolpOOzMm9F0xFxmS+FgxXdcBIqSfHMLwFfMap7 LwEC/r+rgyr7uwbcU0hugUnqyNvGrMIB43xHcfcOga8wwYGKD+tVR+vV8ju96EMYUK5/ f1Yuq6UH9cLJAqll0VponfzT4INx3Vev2UDzet4dUxyiLLR82wadmjPsWeFsU+5oWi4e bGsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=WUY1lEz1Yo2ZOvU2O9Cl0W7Ac/eJE6BB+6uavjbjOEY=; b=XnPr3zAcGdvo6b9QWnbftKhdeyjWqiD8PJS0t38734VPSB68EwsvBtWOdseYXUB+Ip qbGWw2q+qV9Tj9GTDGIF3VVxXRbBI2+Rsk9B6lxRr/mEKR9fgm71DbgM3HtwWlFS4ODm qCrvNdgb4AAUrtx6iBr2X5d2jk+hniJLaNFL+/flkPiky1PF1uef/qF/ftFlb6ie/iU4 6DJ6yo9bniO1yZE9QjoVfLYll/LWoD9j1SZOpo7Qz8i7o+VcgsZL3dURU5/ypeL8RWCN SVGrGLq4HlEgmBQhz8A6UQH2YbE0y30RVlZohJxd6ZePVt78d4SI6iwXGBuT6t/LFB8b fplg== X-Gm-Message-State: AIkVDXIIND9cVoJuEFwxCjHGoDKd4AW1L8hloSHSd0J0rT2hgsYdwKHWXY6gdNNx1PGR/u6KEYer2c57FcUupA== X-Received: by 10.55.144.6 with SMTP id s6mr11485540qkd.140.1485558564194; Fri, 27 Jan 2017 15:09:24 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.173.40 with HTTP; Fri, 27 Jan 2017 15:09:23 -0800 (PST) In-Reply-To: <20170127194403.6f9b41cc@Papi> References: <1485539914.4837.6.camel@yandex.com> <1485545547.5165.1.camel@yandex.com> <20170127194403.6f9b41cc@Papi> From: krad Date: Fri, 27 Jan 2017 23:09:23 +0000 Message-ID: Subject: Re: pf log To: Mario Lobo Cc: Stari Karp , FreeBSD Questions Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jan 2017 23:09:25 -0000 you also need log statements in your ruleset. This is all explained in detail in the man pages. On 27 January 2017 at 22:44, Mario Lobo wrote: > On Fri, 27 Jan 2017 14:32:27 -0500 > Stari Karp wrote: > > > On Fri, 2017-01-27 at 12:35 -0600, Noel wrote: > > > On 1/27/2017 11:58 AM, Stari Karp wrote: > > > > > > > > Hi! > > > > > > > > I am using pf firewall on FreeBSD 11.0-RELEASE (amd64). In > > > > /etc/rc.conf > > > > I have: > > > > > > > > pf_enable=3D"YES" > > > > pflog_enable=3D"YES" > > > > > > > > I made a new pf.conf on January 8th and in/var/log I have pflog > > > > and after that nothing more. The file has just > > > > "=C3=94=C3=B2=C2=A1............t...u..." > > > > > > > > Is it normal or is something wrong, please? > > > > > > > > > > That's normal. The pflog is a binary log (not human readable) you > > > can read with tcpdump. See the handbook for details. > > > > > > > > > > > tcpdump -v -r /var/log/pflog > > reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog > > file). > > > > I have nothing in log as I update 10.3 release to FreeBSD-11.0-RELEASE > > > > I forgot to say that I use FreeBSD as a desktop. > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > From "man pflog" > > EXAMPLES > Create a pflog interface and monitor all packets logged on it: > > # ifconfig pflog1 up > # tcpdump -n -e -ttt -i pflog1 > > -- > Mario Lobo > http://www.mallavoodoo.com.br > FreeBSD since 2.2.8 [not Pro-Audio.... YET!!] > > "UNIX was not designed to stop you from doing stupid things, > because that would also stop you from doing clever things." > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" >