Date: Thu, 16 Sep 2004 17:53:51 +0200 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Cc: Hugo Silva <klr@6s-gaming.com> Subject: Re: pf not logging on 5.3-BETA3 ? Message-ID: <200409161754.09205.max@love2party.net> In-Reply-To: <4149AE26.6010103@veldy.net> References: <58653.81.84.174.8.1095267239.squirrel@81.84.174.8> <4149AE26.6010103@veldy.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1549983.L2jxta1OzG Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 16 September 2004 17:15, Thomas T. Veldhouse wrote: > Hugo Silva wrote: > >Hi, > > > >I can't make pf log to a logfile on the 5.3-BETA3. I didn't have any > >problems with this on 5.2.1-RELEASE-p9 using the port.. > > > >I can access pflog0 and there I will see entries that are matching the > >blocks, but I can't tail /var/log/pflog (empty). > > > >I've added device pf, pfsync, pflog to the kernel, and have the following > >on rc.conf: > > > >pf_enable=3D"YES" > >pf_logd=3D"YES" > >pflog_logfile=3D"/var/log/pflog" > >pf_rules=3D"/etc/pf.conf" > > > >The ruleset won't load automatically either (I think it should be > >pf_conf=3D, but /etc/defaults/rc.conf shows pf_rules ...). pflogd won't > >start, if I start it by hand it won't work either (starts, exits)... Okay, have you guys read UPDATING? > 20040623: > pf was updated to OpenBSD-stable 3.5 and pflogd(8) is privilege > separated now. It uses the newly created "_pflogd" user/group > combination. If you plan to use pflogd(8) make sure to run > mergemaster -p or install the "_pflogd" user and group manually. > >The /var/log/pflog file is there, owned root:wheel. But no entries are > >being added to the log. If I try to see it like: > > > >[root@evilreborn:/usr/src/sys/i386/conf]# pflog > >tcpdump: WARNING: pflog0: no IPv4 address assigned > >tcpdump: verbose output suppressed, use -v or -vv for full protocol deco= de > >listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size = 96 > >bytes > > > >it works (btw, i had to ifconfig pflog0 up or it wouldn't work, this is > > dumb) > > > >But it won't write the blocked/logged entries to the logfile. Am I missi= ng > >something obvious here? > > I am seeing these same issue. PF is working just fine, but > /var/log/pflog is only 24 bytes long and full of garbage. Remove this before retrying ...=20 > FreeBSD fuggle.veldy.net 5.3-BETA4 FreeBSD 5.3-BETA4 #1: Tue Sep 14 > 22:08:40 CDT 2004 > veldy@fuggle.veldy.net:/usr/src/sys/i386/compile/FUGGLE i386 > > Tom Veldhouse =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1549983.L2jxta1OzG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBSbchXyyEoT62BG0RAn7TAJ9ObjUhdoyS214RPAzaK0DMYhKPOwCfVDsv y2IqrsjKKJVt8sdVvfllDYo= =TfQx -----END PGP SIGNATURE----- --nextPart1549983.L2jxta1OzG--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200409161754.09205.max>