On Wed, 15 Mar 2006 22:48:31 -0600, Vijay Sankar wrote: >Is ifconfig pflog0 up? I am not sure whether this is relevant to your >situation but I sort of recall something like this happening to me a few >years ago. I had forgotten to do turn the interface up and the logs were >never written. > >On Thu, 16 Mar 2006 15:03:57 +1100, Rod.. Whitworth wrote >> On Wed, 15 Mar 2006 20:39:13 -0700, Darrin Chandler wrote: >> >> >Rod.. Whitworth wrote: >> > >> >>I have about a dozen OpenBSD firewalls "out there" and most of them are >> >>pretty minimal having a NATted LAN and the only traffic allowed in >> >>(other than replies to outbound) is ssh. >> >> >> >>The pf.confs are pretty much modifications of a template one with just >> >>the LAN IPs changing. >> >> >> >>The changes in /etc/* are also the same for all of them. >> >> >> >>Just one is not getting anything in pflog. pflogd is running. >> >> >> >> >> > >> >Is there an empty /var/log/pflog, or *no* /var/log/pflog? (just guessing) >> >> Empty. >> It had 24 bytes in it that was dated at install time (last November): >> # hexdump -C /var/log/pflog >> 00000000 d4 c3 b2 a1 02 00 04 00 00 00 00 00 00 00 00 00 >> |TC2!............| >> 00000010 74 00 00 00 75 00 00 00 >> |t...u...| 00000018 so I blew it away and did touch /var/log/pflog >> to create an empty one. >> >> Next question? >> >> Thanks, >> >> >From the land "down under": Australia. >> Do we look <umop apisdn> from up over? >> >> Do NOT CC me - I am subscribed to the list. >> Replies to the sender address will fail except from the list-server. > ifconfog says: pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224
Next? thanx. >From the land "down under": Australia. Do we look <umop apisdn> from up over? Do NOT CC me - I am subscribed to the list. Replies to the sender address will fail except from the list-server.
