[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

pflog0 not logging




This morning tcpdumping pflog to my console stop working. What am I doing wrong, and how can I diagnose problems with it.


This is the command I've been using for monitoring pflog0:
# tcpdump -i pflog0 -e -v
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0

these is the lines with in pf.conf that affect pflog0:
ext="fxp1"      # External Connector    XXX.XXX.XXX.XXX  N=/30
set loginterface $ext

I check to see if the interface is up?
# ifconfig pflog0
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224

#tcpdump -nxi fxp1
08:54:23.489881 209.167.50.22.44401 > XXX.XXX.XXX.XXX.80: . ack 5841 win 17520 (DF)
4500 0028 fd82 4000 7006 bebe d1a7 3216
8b8e bf42 ad71 0050 484c 9529 bcd2 0808
5010 4470 ccc3 0000 0000 0000 0000
08:54:23.490175 XXX.XXX.XXX.XXX.80 > 209.167.50.22.44401: P 7301:8370(1069) ack 189 win 32120 (DF)
4500 0455 fa22 4000 3f06 eef1 8b8e bf42
d1a7 3216 0050 ad71 bcd2 0dbc 484c 9529
5018 7d78 9803 0000 7769 6474 683d 2231
3030 2220 6865 6967 6874 3d22 3122 2062
6f72 6465 723d 2230 223e 3c2f 7464 3e0d
0909



Now if I do a pfctl -si I see the data changing with the traffic, but still no logs out via tcpdump.



------------------------------------------------------------------------ -------------------------------------
Duncan Matthew Stirling <[email protected]> Cross Media Commerce
Network Administrator Digital Asset Management
http://www.mBase.com Web Content Management
P:780-945-4607 Single Source Print and eCommerce Catalogs
------------------------------------------------------------------------ -------------------------------------