pf not logging on 5.3-BETA3 ?

Max Laier max at love2party.net
Thu Sep 16 08:55:23 PDT 2004 

On Thursday 16 September 2004 17:15, Thomas T. Veldhouse wrote:
> Hugo Silva wrote:
> >Hi,
> >
> >I can't make pf log to a logfile on the 5.3-BETA3. I didn't have any
> >problems with this on 5.2.1-RELEASE-p9 using the port..
> >
> >I can access pflog0 and there I will see entries that are matching the
> >blocks, but I can't tail /var/log/pflog (empty).
> >
> >I've added device pf, pfsync, pflog to the kernel, and have the following
> >on rc.conf:
> >
> >pf_enable="YES"
> >pf_logd="YES"
> >pflog_logfile="/var/log/pflog"
> >pf_rules="/etc/pf.conf"
> >
> >The ruleset won't load automatically either (I think it should be
> >pf_conf=, but /etc/defaults/rc.conf shows pf_rules ...). pflogd won't
> >start, if I start it by hand it won't work either (starts, exits)...

Okay, have you guys read UPDATING?
> 20040623:
>         pf was updated to OpenBSD-stable 3.5 and pflogd(8) is privilege
>         separated now. It uses the newly created "_pflogd" user/group
>         combination. If you plan to use pflogd(8) make sure to run
>         mergemaster -p or install the "_pflogd" user and group manually.


> >The /var/log/pflog file is there, owned root:wheel. But no entries are
> >being added to the log. If I try to see it like:
> >
> >[root at evilreborn:/usr/src/sys/i386/conf]# pflog
> >tcpdump: WARNING: pflog0: no IPv4 address assigned
> >tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> >listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96
> >bytes
> >
> >it works (btw, i had to ifconfig pflog0 up or it wouldn't work, this is
> > dumb)
> >
> >But it won't write the blocked/logged entries to the logfile. Am I missing
> >something obvious here?
>
> I am seeing these same issue.  PF is working just fine, but
> /var/log/pflog is only 24 bytes long and full of garbage.

Remove this before retrying ... 

> FreeBSD fuggle.veldy.net 5.3-BETA4 FreeBSD 5.3-BETA4 #1: Tue Sep 14
> 22:08:40 CDT 2004
> veldy at fuggle.veldy.net:/usr/src/sys/i386/compile/FUGGLE  i386
>
> Tom Veldhouse

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20040916/3f0627df/attachment.bin

More information about the freebsd-pf mailing list