Marco Grigull wrote:
On Sat, 1 Feb 2003 16:12:26 +0100
Daniel Hartmeier <[EMAIL PROTECTED]> wrote:
On Sat, Feb 01, 2003 at 04:14:32PM +0100, Cedric Berger wrote:
Marco Grigull wrote:
pass in log on $ext_if dup-to $dmz_if all
How's dmz_if defined? did you put the IP of your
loghost/IDS in there? If not, I think you should.
Yes, try this:
pass in log on $ext_if dup-to ($dmz_if 10.1.2.3) all
replacing 10.1.2.3 with the IP address of your loghost.
this rule loads, though I cannot see all (or any) of the traffic that
would be viewable on ext_if with tcpdump. pflog reveals nothing either
Is this rule the LAST one that matches your input packets?
Are you sure there is no "quick" rule before?
Cedric
