Date: Thu, 16 Sep 2004 03:55:08 -0000
From: Pyun YongHyeon <yongari@kt-is.co.kr>
To: pf4freebsd@freelists.org
Subject: [pf4freebsd] Re: Using authpf
Message-ID: <20031027055730.GA1026@kt-is.co.kr>
In-Reply-To: <1067066731.3f9a256b0baf7@imp1-l.free.fr>
References: <1067009522.3f9945f26f90e@imp1-a.free.fr> <20031025065139.GA7332@kt-is.co.kr> <1067066731.3f9a256b0baf7@imp1-l.free.fr>
On Sat, Oct 25, 2003 at 09:25:31AM +0200, novocaine@free.fr wrote:
> Quoting Pyun YongHyeon <yongari@kt-is.co.kr>:
>
> > BTW, I authenticated successfully but got the following errors from
> > authpf.(running on -CURRENT)
>
> Thanks I had it working. It seems my authpf.rules was wrong. I also had to
> create /var/authpf.
>
> >
> >
> > Oct 25 15:33:39 db authpf[693]: DIOCCOMMITRULES Invalid argument
> > Oct 25 15:33:39 db authpf[693]: removed 192.168.10.6, user pfuser - duration 1067063619 seconds
> > Oct 25 15:33:39 db authpf[693]: cannot unlink /var/authpf/192.168.10.6 (Permission denied)

The above error was a false alarm. authpf works like a charm.
The unlink error message came from my incorrect install. The authpf
binary should have the authpf gid.

>
> I have the same error, it seems harmless. Authpf is working as expected.
>

It's NOT harmless. If you still see the above error message, your
setup is not correct or there might be another bug in authpf.
Make sure the authpf executable reads as follows.

db# ls -al /usr/sbin/authpf
-r-sr-sr-x 1 root authpf 125400 Oct 25 15:30 /usr/sbin/authpf

(Of course, if you installed authpf from a port, authpf will reside in
the /usr/local/sbin directory.)

And the directory /var/authpf should have mode '0770', its uid should
be 'root' and its gid should be 'authpf'.

Normally you should see the following messages in your /var/log/authpf.
...
Oct 27 14:39:37 db authpf[529]: allowing 192.168.10.6, user pfuser
Oct 27 14:45:53 db authpf[529]: removed 192.168.10.6, user pfuser - duration 376 seconds

After authenticating yourself, you can see the rule set applied by authpf
with 'pfctl -a authpf -vvsr'.

> Thanks again!
> - Olivier
>

--
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>
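The ownership and mode requirements given in the message above can be checked with a short script. This is an added example, not part of the original e-mail or of authpf; the function names are hypothetical, and the expected values (6555 root:authpf for the binary, as shown by `-r-sr-sr-x`, and 0770 root:authpf for /var/authpf) are the ones the message states.

```sh
#!/bin/sh
# Added example: verify the permissions the message says authpf needs.
# Function names are hypothetical; expected values come from the message.

# Print "<octal mode> <owner> <group>" for a path.
# GNU stat is tried first, then BSD stat (as on FreeBSD).
perm_triplet() {
    stat -c '%a %U %G' "$1" 2>/dev/null || stat -f '%Mp%Lp %Su %Sg' "$1"
}

# check_perms PATH MODE OWNER GROUP
# Returns 0 only if mode, owner and group all match. Leading zeros in the
# mode are ignored, so "0770" and "770" compare equal.
check_perms() {
    cp_path=$1
    cp_want="$(printf '%s' "$2" | sed 's/^0*//') $3 $4"
    cp_have=$(perm_triplet "$cp_path" 2>/dev/null | sed 's/^0*//')
    if [ "$cp_have" = "$cp_want" ]; then
        echo "ok:   $cp_path ($cp_have)"
    else
        echo "FAIL: $cp_path is '$cp_have', expected '$cp_want'"
        return 1
    fi
}

# audit_authpf [BINARY]
# BINARY defaults to /usr/sbin/authpf; pass /usr/local/sbin/authpf when
# authpf was installed from ports.
audit_authpf() {
    aa_bin=${1:-/usr/sbin/authpf}
    aa_rc=0
    # setuid root + setgid authpf, i.e. -r-sr-sr-x
    check_perms "$aa_bin" 6555 root authpf || aa_rc=1
    # session directory: writable by group authpf, closed to everyone else
    check_perms /var/authpf 0770 root authpf || aa_rc=1
    return $aa_rc
}

# Run the audit only when asked: sh check_authpf.sh audit [BINARY]
if [ "${1:-}" = "audit" ]; then
    audit_authpf "${2:-}"
fi
```

A FAIL on either line corresponds to the "cannot unlink /var/authpf/... (Permission denied)" symptom discussed in the thread.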