On Mon, 9 Jan 2006, poncenby smythe wrote:
> On 9 Jan 2006, at 10:43, Olivier Mehani wrote:
>
> > On Sun, Jan 08, 2006 at 10:51:12PM +0000, poncenby smythe wrote:
> > > I am running 3.8 GENERIC on i386 and can't figure out why pf isn't
> > > logging
> > > the packets I've told it to, here is a snippet from /etc/ pf.conf...
> >
> > Maybe a stupid check, but did you enable pf in rc.conf ?
>
> pf is set to NO in /etc/rc.conf, but is enabled with the following commands in
> ppp.linkup script:
>
> adsl:
> ! sh -c "/sbin/ifconfig pflog0 up"
> ! sh -c "/sbin/pfctl -f /etc/pf.conf -e"
>
> the ppp link is called adsl and running pfctl -ss reports pf is enabled.
Why enable pf only when the link is up? It's non-standard and
potentially dangarous. You're better of using the standard way of
enabling pf.
-Otto
