pf used as a module from buildkernel can't log in -current ?
Antoine Brodin
antoine.brodin at laposte.net
Mon Oct 31 02:01:23 PST 2005
I wrote:
> Hi,
>
> I use pf as a module on -current and it worked well until recently.
> Today I noticed that pflogd didn't log anything. It worked correctly
> a month ago.
>
> This seems to be related to revision 1.8 of sys/modules/pf/Makefile
>
> pf says it logs packets :
>
> %%%
> # pfctl -sr -v | grep -A1 log
> ...
> block return-rst log inet proto tcp all
> [ Evaluations: 847 Packets: 8 Bytes: 408 States: 0 ]
> block return-icmp(port-unr) log inet proto udp all
> [ Evaluations: 847 Packets: 58 Bytes: 27811 States: 0 ]
> ...
> %%%
>
> but /var/log/pflog stays empty
>
> opt_pf.h is empty too (that's why I say it's probably related to
> revision 1.8 of sys/modules/pf/Makefile) :
>
> %%%
> % file /usr/obj/usr/src/sys/BARTON/opt_pf.h
> /usr/obj/usr/src/sys/BARTON/opt_pf.h: empty
> %%%
>
> If I rebuild pf.ko in /sys/modules/pf , unload the other one and reload
> this one pflogd does his job.
>
> Is this behaviour expected ?
The attached patch solves this problem
Cheers,
Antoine
-------------- next part --------------
Index: sys/modules/pf/Makefile
===================================================================
RCS file: /home/ncvs/src/sys/modules/pf/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- sys/modules/pf/Makefile 14 Oct 2005 23:30:14 -0000 1.8
+++ sys/modules/pf/Makefile 31 Oct 2005 09:34:57 -0000
@@ -12,11 +12,11 @@
CFLAGS+= -I${.CURDIR}/../../contrib/pf
-.if !defined(KERNBUILDDIR)
opt_pf.h:
echo "#define DEV_PF 1" > opt_pf.h
echo "#define DEV_PFLOG 1" >> opt_pf.h
+.if !defined(KERNBUILDDIR)
opt_inet.h:
echo "#define INET 1" > opt_inet.h
More information about the freebsd-pf
mailing list