From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 27 05:04:20 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A12F616A4CE
	for <questions@FreeBSD.ORG>; Tue, 27 Apr 2004 05:04:20 -0700 (PDT)
Received: from smtp-out6.blueyonder.co.uk (smtp-out6.blueyonder.co.uk
	[195.188.213.9])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9DB6543D46
	for <questions@FreeBSD.ORG>; Tue, 27 Apr 2004 05:04:19 -0700 (PDT)
	(envelope-from jfm@blueyonder.co.uk)
Received: from lexx ([82.37.145.193]) by smtp-out6.blueyonder.co.uk with
	Microsoft SMTPSVC(5.0.2195.5600);	 Tue, 27 Apr 2004 13:04:20 +0100
From: John Murphy <jfm@blueyonder.co.uk>
To: Dev Tugnait <dev@unixdaemon.org>
Date: Tue, 27 Apr 2004 13:04:16 +0100
Message-ID: <j0js80hpj92ovpsen2faf2dk3e9rt3n8qr@4ax.com>
References: <b75r80d3visorpqfkpl8f6h0u2megdd2gl@4ax.com>
	<20040427090313.GA35577@hellsing.vampire.net>
	<50338.145.221.92.40.1083056794.squirrel@webmail.evilcoder.org>
	<20040427091328.GC35577@hellsing.vampire.net>
In-Reply-To: <20040427091328.GC35577@hellsing.vampire.net>
X-Mailer: Forte Agent 1.93/32.576 English (American)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
X-OriginalArrivalTime: 27 Apr 2004 12:04:20.0323 (UTC)
	FILETIME=[C5A5C330:01C42C4F]
cc: questions@FreeBSD.ORG
cc: remko@elvandar.org
Subject: Re: ipf not loging (5.2.1)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: jfm@blueyonder.co.uk
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Apr 2004 12:04:20 -0000

Thanks both for the suggestions.  I tried:
ipmon_flags=3D"-Dsn" and ipmon_flags=3D"-oi /var/log/ipflog"
to no avail.  I even read man ipmon!

As far as I can tell ipmon is not starting via rc.conf.
If I start it manually with:
ipmon -P -D -oi /var/log/ipflog it works (although I don't
see a PID in /var/run even if I leave out the -D).

The FM could do with updating as it also says:
   In order for ipmon to properly work, the kernel option
   IPFILTER_LOG must be turned on in your kernel.  Please
   see options(4) for more details.

There is no IPFILTER_LOG kernel option mentioned in GENERIC
or NOTES and there is no options(4) man page (FreeBSD-5.2.1).

Woohoo :) Just found a PR and a fix:
http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dmisc%2F56715

--=20
John.