Date: Tue, 22 Jan 2008 18:45:29 +0100 From: "Zbigniew Szalbot" <zszalbot@gmail.com> To: "Rakhesh Sasidharan" <rakhesh@rakhesh.com> Cc: freebsd-questions@freebsd.org Subject: Re: pflogd log Message-ID: <94136a2c0801220945j164eaf9clffeeda7186242cd1@mail.gmail.com> In-Reply-To: <20080122211202.Q45709@dogmatix.home.rakhesh.com> References: <94136a2c0801220259x1b7dd4efw7a8fc1e8a60d2cc9@mail.gmail.com> <20080122202158.R45709@dogmatix.home.rakhesh.com> <94136a2c0801220845w6bbf50c9q7ba59052c72e871d@mail.gmail.com> <20080122211202.Q45709@dogmatix.home.rakhesh.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, 2008/1/22, Rakhesh Sasidharan <rakhesh@rakhesh.com>: > Zbigniew Szalbot wrote: > > > Hello, > > > > 2008/1/22, Rakhesh Sasidharan <rakhesh@rakhesh.com>: > >> > >>> I noticed that pflog is not being written to. > >>> > >>> $ l /var/log/pflog > >>> -rw-r--r-- 1 root wheel 60 Jan 22 00:00 /var/log/pflog > >>> > >>> However, the process running pflogd runs as _pflogd. Does this mean I > >>> should chown the log file with user _pflogd? > >> > >> I don't think so. Had a look at my machine, /var/log/pflog has permissions > >> like on yours. > >> > >>> _pflogd 248 0.0 0.2 1632 1056 ?? S 6:49AM 0:01.31 > >>> pflogd: [suspended] -s 116 -f /var/log/pflog (pflogd) > >>> > >>> To complete the picture: > >>> > >>> $ ps aux |grep pf > >>> root 36 0.0 0.0 0 8 ?? DL 6:49AM 0:01.04 [softdepflush] > >>> root 246 0.0 0.2 1568 1004 ?? Is 6:49AM 0:00.01 > >>> pflogd: [priv] (pflogd) > >>> _pflogd 248 0.0 0.2 1632 1056 ?? S 6:49AM 0:01.32 > >>> pflogd: [suspended] -s 116 -f /var/log/pflog (pflogd) > >> > >> I don't have pflogd: [suspended] though. Its pflogd: [running] for me. > >> Have you tried restart /etc/rc.d/pflog? > > > > Thanks! Need to find out what is going on. Have restarted pflogd but > > it is still showing suspend for me. > > Try sending the pflogd process a HUP or ALRM signal. That should do the > trick. Funny how I missed it the first time, but I had a look at the > pflogd(8) manpage once again and it talks about this problem. > > This is the para just above the options section. > > Let me know how it goes. > > Also, just noticed now that my /var/log/pflog file doesn't have read perms > for the others group. Would suggest removing that and trying again. > Possible the extra perms are an issue. I do not know. l /var/log/pflog -rw------- 1 root wheel 60 Jan 22 00:00 /var/log/pflog $ ps ax |grep pflog 25478 ?? Is 0:00.01 pflogd: [priv] (pflogd) 25479 ?? S 0:00.03 pflogd: [suspended] -s 116 -f /var/log/pflog (pflogd) 25561 p0 S+ 0:00.01 grep pflog Not really sure what is going on. I tried: kill -HUP 25479 but to no avail. Thanks! Zbigniew Szalbot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?94136a2c0801220945j164eaf9clffeeda7186242cd1>