Because ftp-proxy creates pf rules "on the fy", or dynamically you cannot have pf log the way you tried
A very simple way to do this logging is using the
-v or
-vv flag. From the ftp-proxy man page:
Code:
-v Set the 'log' flag on pf rules committed by ftp-proxy. Use twice
to set the 'log-all' flag. The pf rules do not log by default.
Another way to log is to use the
-D flag
Code:
-D level
Debug level, ranging from 0 to 7. Higher is more verbose. The
default is 5. (These levels correspond to the syslog(3) levels.)
IIRC this will log to "/var/log/daemon".