logging to another machine
Sam Leffler
sam at errno.com
Sun Sep 4 22:32:19 PDT 2005
I'm converting an ipfw-based firewall to pf. The firewall runs on a
soekris where there's little space. I currently redirect ipfw log msgs
via syslog to another machine. Is there a similar way to do this with
pf? I'm not keen on accumulating stuff to the memory disk and flushing
it periodically because that leaves me open to losing stuff and also
requires I run cron or something similar on the firewall.
In lieu of something intelligent I tried using logger and tcpdump with
something like:
tcpdump -i pflog0 -n -e -ttt | logger -p local7.info -h sysloghost
but that didn't work for some reason. Regardless it'd be nice to have
something less klunky and with less overhead.
Sam
More information about the freebsd-pf
mailing list