pf not logging on 5.3-BETA3 ?
Bruno Afonso
brunomiguel at dequim.ist.utl.pt
Thu Sep 16 13:57:30 PDT 2004
Max Laier wrote:
> Are you sure that you have logging rules in place? And are you sure that these
> rules are matched? Please attach the output of "$pfctl -vvsr" if in doubt.
>
> Also, are you using the module or did you build pf into your kernel directly?
> Did you put in "device pflog" as well? What does "$ifconfig pflog0" say?
I'm having the same problem on a previous 5.2.1 with pf port, now BETA4
box. Kernel has the following options:
device pf
device pflog
device pfsync
I didn't check using modules but /etc/rc.d/pflog start does not
correctly start pflogd.
In addition:
- I see that the scripts haven't brought up pflog0. I set it up.
- Investigating further, I realized that mergemaster does not see that I
have a missing _pflogd user in passwd(!). I added the user.
- "/etc/rc.d/pflogd start" does not do anything or produce any output
- pflogd as root works.
- "/etc/rc.d/pflogd stop" does not stop the service.
At this point, I was starting to believe the scripts were non-working.
Then I set rc_debug="YES" in /etc/rc.conf and...
machine# /etc/rc.d/pflog stop
/etc/rc.d/pflog: DEBUG: checkyesno: pflog_enable is set to NO.
DOH!, I had
pf_logd="Yes"
So, this line has changed from the port version of pf. :-)
/etc/rc.d/pflogd is now apparently working fine.
BA
--
Bruno Afonso
http://dequim.ist.utl.pt/~bruno/sciTocs/ - Bruno's SciTocs!
http://freebsd-pt.org/forum/ - Portuguese FreeBSD forum
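
The failure described in the message above (a knob name the rc script never reads, so pflogd stays off without any message) can be checked for offline. The following is an added example, not part of the original post or of FreeBSD's own scripts: a POSIX sh audit over copies of rc.conf and passwd. The function names, the sample files and the list of recognised pflog_* knobs are assumptions of the example.

```sh
#!/bin/sh
# Added example (not from the original post): offline audit of rc.conf-style
# files for the pflog problems described in the message above.

# Print the last value assigned to knob $2 in file $1, quotes stripped.
rc_value() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# Same truthy values that rc.subr's checkyesno accepts.
is_yes() {
    case "$1" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_pflog RCCONF PASSWD: print findings, return the number of problems.
audit_pflog() {
    problems=0
    val=$(rc_value "$1" pflog_enable)
    if ! is_yes "$val"; then
        echo "pflog_enable is '${val:-unset}': /etc/rc.d/pflog will not start pflogd"
        problems=$((problems + 1))
    fi
    # Flag pf-logging look-alike knobs that the rc script never reads.
    # Known names are assumed from FreeBSD's /etc/defaults/rc.conf.
    for knob in $(sed -n 's/^[[:space:]]*\(pf_*log[a-z_]*\)=.*/\1/p' "$1"); do
        case "$knob" in
            pflog_enable|pflog_logfile|pflog_program|pflog_flags) ;;
            *) echo "'$knob' is not a knob /etc/rc.d/pflog reads"
               problems=$((problems + 1)) ;;
        esac
    done
    if ! grep -q '^_pflogd:' "$2"; then
        echo "_pflogd user missing from $2"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample input reproducing the state described in the post.
demo=$(mktemp -d)
printf 'pf_enable="YES"\npf_logd="Yes"\n' > "$demo/rc.conf"
printf 'root:*:0:0::0:0:Charlie &:/root:/bin/csh\n' > "$demo/passwd"
audit_pflog "$demo/rc.conf" "$demo/passwd" || echo "problems found: $?"
```

On a live system the same function can be pointed at /etc/rc.conf and /etc/passwd; it does not check whether pflog0 is up or whether pflogd is running.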