On Wednesday 07 November 2007, syle ishere wrote:
> pass in log proto { tcp, udp } from any to $ext_if port { 21, 22 }
> flags S/SA keep state \(max-src-conn 5, max-src-conn-rate 5/60,
> overload <bad> flush global)
>
> I use the "pass in LOG" here and it does not log at all.
> I go connect to port 21 or 22 and watch logs and nothing.
> My other logging rules do work for things like:
> pass in log proto tcp from any to $ext_if port 25 keep state
>
> So i know the logging actually does work, but the first line does not,
> any ideas?Are you sure the rule is even hit? Check with "pfctl -vvvsr" and look at the match/packets/bytes counters. -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News
signature.asc
Description: This is a digitally signed message part.
