I am getting syslogging messages now. I have to wait until the evening
to test it live again.
Do the other rules look fine to you? I am used to other products like
Checkpoint. If there is a cleaner way I would like to hear about it.
NAT hosts are in various networks internally. I might have one in the
DMZ right off one ipfilter interface while another host sits on the LAN.
Thanks for the logging tip. The obvious, right?
Phil Dibowitz wrote:
mdpeters wrote:
I forgot to add this to my last message.
# svcs | egrep '(pfil|ipfilter)'
online Jan_08 svc:/system/rmtmpfiles:default
online 7:15:21 svc:/network/pfil:default
online 7:15:27 svc:/network/ipfilter:default
I had to fix my syslogd.conf file. I had spaces instead of tabs delimiting
the /var/log/ipfilter.log line.
And now that you fixed syslog and restarted it, do you get additional logs?
Your problem is this:
messages.1:16886:Jan 7 22:23:35 Osiris ipfilter: [ID 702911
daemon.warning] pfil not plumbed on any network interfaces.
messages.1:16887:Jan 7 22:23:35 Osiris ipfilter: [ID 702911
daemon.warning] No network traffic will be filtered.
This usually means you haven't rebooted since you installed.
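The tab-versus-space mistake in syslog.conf that came up above is easy to reintroduce, and syslogd gives no error for a line it silently ignores. The script below is an added example, not code from either poster in this thread: it scans a syslog.conf-style file for selector/action lines that are separated by spaces instead of a tab, and offers a sed rewrite that collapses the first run of blanks into a single tab. The sample config embedded in the usage note is constructed, and the `local0.debug` selector used for the ipfilter log is an assumption about how ipmon is configured, not something the thread states.

```shell
#!/bin/sh
# Added example (editor's code, not from the thread). Solaris syslogd requires
# a TAB between the selector ("local0.debug") and the action ("/var/log/..."):
# lines separated only by spaces are ignored without any diagnostic.

tab="$(printf '\t')"

# check_syslog_conf FILE
# Prints every selector/action line that has no tab in it.
# Returns 1 if any such line exists, 0 if the file is clean.
check_syslog_conf() {
    file="$1"
    bad=0
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        # Skip empty or whitespace-only lines and comments.
        stripped=$(printf '%s' "$line" | tr -d " $tab")
        [ -z "$stripped" ] && continue
        case "$line" in '#'*) continue ;; esac
        case "$line" in
            *"$tab"*) ;;   # a tab is present: syslogd will parse this line
            *) echo "line $n: no tab between selector and action: $line"
               bad=1 ;;
        esac
    done < "$file"
    return $bad
}

# fix_syslog_conf FILE
# Writes FILE to stdout with the first run of blanks on every non-comment
# line replaced by a single tab. Selectors never contain blanks, so the first
# run of blanks is always the selector/action boundary.
fix_syslog_conf() {
    sed -e '/^#/!s/^\([^ '"$tab"']*\)[ '"$tab"']\{1,\}/\1'"$tab"'/' "$1"
}

# Usage: sh check_syslog_conf.sh /etc/syslog.conf
# (run with no argument it only defines the functions above)
if [ $# -gt 0 ]; then
    check_syslog_conf "$1"
fi
```

Run `check_syslog_conf /etc/syslog.conf` after editing and before restarting syslogd; a clean exit status means every active line has the tab. `fix_syslog_conf` prints the corrected file rather than editing in place, so review the output before copying it over the original. Note that the "pfil not plumbed on any network interfaces" warning in the quoted messages is a separate problem from syslog.conf; the diagnosis given above for that one is a reboot after installing ipfilter.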