Using 3.8, I am testing logging with pf using (passive) ftp protocol.
I run this command and the output follows:
# tcpdump -tttn not port 22
Dec 07 02:55:53.516091 192.168.2.217.25276 > 64.94.171.114.21: tcp 0 (DF)
[tos 0x10]
Dec 07 02:55:53.553711 64.94.171.114.21 > 192.168.2.217.25276: tcp 24 (DF)
Dec 07 02:55:53.746092 192.168.2.217.25276 > 64.94.171.114.21: tcp 0 (DF)
[tos 0x10]
But this command produces no ouput:
# tcpdump -tttn -i pflog0
I have this rule:
pass out log (all) on $EXT \
inet proto tcp \
from $EXT to any \
port 21 \
flags S/SA modulate state
Why do I not get any output using the pflog0 device? The device is up.
I try the same with port 80 with the same results: pflog0 is not logging.
Neither is pflogd when logging to file.
--
Peter
__________________________________________________________
Find your next car at http://autos.yahoo.ca
