[pf4freebsd] Re: Pfsync patch with latest -current
Bruno Afonso
brunomiguel at dequim.ist.utl.pt
Wed Sep 15 21:08:20 PDT 2004
Bruno Afonso wrote:
> pfsync from Max's patch, rebuilt ifconfig, installed.
>
> devices pf pflog and pfsync in kernel as well as altq options. I still
> have to enable altq'ed fxp driver.
>
> deq# ifconfig pfsync0 up
> deq# pftcpdump -s0 -ni pfsync0
....
Ok, I used pftcpdump which was wrong because it was from the old port.
Though, pfsync support hasn't been implemented in -current's tcpdump :)
deq# tcpdump -eni pfsync0
tcpdump: WARNING: pfsync0: no IPv4 address assigned
tcpdump: unsupported data link type 121
I have added proto 240 to /etc/protocols and inserted the first RULE as:
block drop log on fxp0 proto pfsync all
I see no log in pflog0. I have done:
ifconfig pfsync0 syncif <interface>
in both machines.
If you need further testing, i can try to help out Max.
Best,
BA
--
Bruno Miguel Afonso
Biological Eng. student
D.E.Q. @ I.S.T. - Portugal
GnuPG Public key: http://dequim.ist.utl.pt/~bruno/gpg
More information about the freebsd-pf
mailing list