pf log

Mario Lobo lobo at bsd.com.br
Fri Jan 27 22:43:20 UTC 2017


On Fri, 27 Jan 2017 14:32:27 -0500
Stari Karp <starikarp at yandex.com> wrote:

> On Fri, 2017-01-27 at 12:35 -0600, Noel wrote:
> > On 1/27/2017 11:58 AM, Stari Karp wrote:  
> > > 
> > > Hi!
> > > 
> > > I am using pf firewall on FreeBSD 11.0-RELEASE (amd64). In
> > > /etc/rc.conf
> > > I have:
> > > 
> > > pf_enable="YES"
> > > pflog_enable="YES"
> > > 
> > > I made a new pf.conf on January 8th and in/var/log I have pflog
> > > and after that nothing more. The file has just
> > > "Ôò¡............t...u..."
> > > 
> > > Is it normal or is something wrong, please?
> > >   
> > 
> > That's normal.  The pflog is a binary log (not human readable) you
> > can read with tcpdump.  See the handbook for details.
> > 
> > 
> >   
> tcpdump -v -r /var/log/pflog
> reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog
> file).
> 
> I have nothing in log as I update 10.3 release to FreeBSD-11.0-RELEASE
> 
> I forgot to say that I use FreeBSD as a desktop.
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"

From "man pflog"

EXAMPLES
     Create a pflog interface and monitor all packets logged on it:

           # ifconfig pflog1 up
           # tcpdump -n -e -ttt -i pflog1

-- 
Mario Lobo
http://www.mallavoodoo.com.br
FreeBSD since 2.2.8 [not Pro-Audio.... YET!!]
 
"UNIX was not designed to stop you from doing stupid things, 
because that would also stop you from doing clever things."


More information about the freebsd-questions mailing list