DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD General

FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 18th June 2008
chamnanpol chamnanpol is offline
New User
 
Join Date: Jun 2008
Posts: 6
Thanked 0 Times in 0 Posts
Default Why PFLOG can't LOG anything?????

FreeBSD 6.2 Server
- lnc0 for private network ip = 192.168.5.1, netmask 255.255.255.0, dns = 192.168.4.2
- lnc1 for internet ip = 192.168.4.4, netmask 255.255.255.0, dns =192.168.4.2
windows xp client
- Lan connet to lnc0 ---- ip = 192.168.5.21, netmask 255.255.255.0, default gateway = 192.168.5.1, dns = 192.168.4.2

Compile for Kernel
ident NAT_inet
options IPFIREWALL
options IPFIREWALL_FORWARD
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=120
options IPDIVERT
device pf
device pflog
device pfsync
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_PRIQ
options ALTQ_NOPCC

rc.conf file
defaultrouter="192.168.5.1"
gateway_enable="YES"
hostname="chalermpol.kmitl.ac.th"
ifconfig_lnc0="inet 192.168.5.1 netmask 255.255.255.0"
inetd_enable="YES"
keymap="us.iso"
linux_enable="YES"
sshd_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pflog_flags=""
natd_enable="YES"
natd_interface="lnc1"
natd_flags="-s -u -m"
ifconfig_lnc1="DHCP"
hostname="chalermpol.kmitl.ac.th"

-i don't set anything for /etc/pf.conf
-windows xp client can use internet
-when i type --- tcpdump -n -e -ttt -i lnc0 --- it's will show for packets in real time
-when i type --- tcpdump -n -e -ttt -r /var/log/pflog it's will show like this
---reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog file)----
-why pflog don't log anything?
-how can i set for pf.conf for pflog to log information like this command "tcpdump -n -e -ttt -i lnc0"?
-i don't understand when i read about pf.conf from this link http://www.freebsd.org/cgi/man.cgi?q...ts&format=html
-please help me and show example for me
pleasesssss T-T
Reply With Quote
  #2   (View Single Post)  
Old 18th June 2008
stukov's Avatar
stukov stukov is offline
Real Name: Jean-Michel Philippon-Nadeau
Package Pilot
 
Join Date: May 2008
Location: Sherbrooke, Qc, Canada
Posts: 167
Thanked 6 Times in 6 Posts
Default

Do you log something in your PF ruleset?

For instance, I have:
Code:
block in log all
in my pf.conf.
Then:
Code:
% sudo tcpdump -v -i pflog0
or
Code:
% sudo tcpdump -v -r /var/log/pflog
Will show you what you need to see.
__________________
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction."
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
pflog not logging. bsdnewbie999 OpenBSD General 9 13th March 2009 11:19 PM


All times are GMT. The time now is 02:46 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick