I'm playing with the latest 5.3 snapshot and I'm getting an always-empty /var/log/pflog. I'm wondering if there's a problem with the snapshot (unlikely) or something I did wrong in my configuration (much more likely).
ps -aux shows "pflogd" is not running, which I assume is the source of the problem. In rc.conf (which I did not change of course) the pf lines are: pf=YES # Packet filter / NAT pf_rules=/etc/pf.conf # Packet filter rules file pflogd_flags= # add more flags, e.g. "-s 256" And here's my rc.conf.local: ntpd_flags="" hotplugd_flags="" named_flags="" check_quotas=NO That's it. Is there something I should be doing in rc.conf.local or elsewhere to get pflogd running? (I could do pflogd_flags=YES, maybe, but I thought that wasn't necessary, that pflogd would start automagically if pf was enabled.)
