pflogd not logging certain rules
Max Laier
max at love2party.net
Tue Nov 6 19:22:53 PST 2007
On Wednesday 07 November 2007, syle ishere wrote:
> pass in log proto { tcp, udp } from any to $ext_if port { 21, 22 }
> flags S/SA keep state \(max-src-conn 5, max-src-conn-rate 5/60,
> overload <bad> flush global)
>
> I use the "pass in LOG" here and it does not log at all.
> I go connect to port 21 or 22 and watch logs and nothing.
> My other logging rules do work for things like:
> pass in log proto tcp from any to $ext_if port 25 keep state
>
> So I know the logging actually does work, but the first line does not,
> any ideas?
Are you sure the rule is even hit? Check with "pfctl -vvvsr" and look at
the match/packets/bytes counters.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
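
The counter check suggested in the reply above, as an added example that is not part of the original message: a filter for `pfctl -vvvsr` output that lists every `log` rule with a zero packet counter. The function names and the sample rules are constructed, and the script assumes each `@N` rule line is followed by a bracketed `Evaluations: ... Packets: ...` counter line.

```shell
#!/bin/sh
# Constructed sample shaped like `pfctl -vvvsr` output; addresses and counters are made up.
sample_rules() {
cat <<'EOF'
@0 pass in log proto tcp from any to 192.0.2.1 port = ftp flags S/SA keep state (source-track rule, max-src-conn 5, max-src-conn-rate 5/60, overload <bad> flush global, src.track 60)
  [ Evaluations: 412       Packets: 0         Bytes: 0           States: 0     ]
@1 pass in log proto tcp from any to 192.0.2.1 port = smtp flags S/SA keep state
  [ Evaluations: 398       Packets: 57        Bytes: 4312        States: 1     ]
@2 pass in proto tcp from any to 192.0.2.1 port = ssh flags S/SA keep state
  [ Evaluations: 31        Packets: 120       Bytes: 9800        States: 2     ]
@3 pass in log proto udp from any to 192.0.2.1 port = ssh keep state
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
EOF
}

# Reads pfctl rule output on stdin and prints "<rule number> evaluations=<n> packets=0"
# for every rule that carries the `log` keyword but has no packets counted against it.
# evaluations=0 means the rule was never evaluated at all; evaluations>0 with packets=0
# means it was evaluated but no packet was ever accounted to it.
unhit_log_rules() {
    awk '
        /^@[0-9]+ / {
            # Rule line: remember its number and whether it has the log keyword.
            num = substr($1, 2)
            is_log = 0
            for (i = 2; i <= NF; i++) if ($i == "log") is_log = 1
            next
        }
        /Evaluations:/ && is_log {
            # Counter line belonging to the most recent rule line.
            evals = -1; pkts = -1
            for (i = 1; i < NF; i++) {
                if ($i == "Evaluations:") evals = $(i + 1)
                if ($i == "Packets:")     pkts  = $(i + 1)
            }
            if (pkts == 0) printf "%s evaluations=%s packets=0\n", num, evals
            is_log = 0
        }
    '
}

# Run against the constructed sample; on a live host use: pfctl -vvvsr | unhit_log_rules
sample_rules | unhit_log_rules
```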