I ran this from CLI: (all on one line of course) /usr/sbin/tcpdump -l -n -e -ttt -i pflog0 | egrep -e "IGMP|TCP|UDP|ESP|IGRP|IGMP|ICMP|esp|tcp|udp|icmp|igmp|igrp" |logger -t pf -p local0.info
And get this ..... egrep: invalid option -- t Usage: egrep [OPTION]... PATTERN [FILE]... Try `egrep --help' for more information. tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes and after a few seconds this shows up ..... 1 packets captured 1 packets received by filter 0 packets dropped by kernel Still nothing in the logs and no output from this command ..... I'm assuming that the mwexe_bg is a php call and therefore omitted it as well the ()s and ""s -- David L. Strout Engineering Systems Plus, LLC ----- Original Message ----- Subject: Re: Re: Re: [pfSense Support] firewall logs .... no show From: [EMAIL PROTECTED] To: [email protected] Date: 01-23-2006 6:08 pm > Here is the command we run to get the logs into syslog: > > Make sure you have the same command running: > > mwexec_bg("/usr/sbin/tcpdump -l -n -e -ttt -i pflog0 | egrep -e > "IGMP|TCP|UDP|ESP|IGRP|IGMP|ICMP|esp|tcp|udp|icmp|igmp|igrp" |logger > -t pf -p local0.info"); > > > On 1/23/06, David Strout <[EMAIL PROTECTED]> wrote: > > Anything I can look at in the CLI that might shed > > some light on the eg: tail -f a file ... I know > > that system.log is NOT tailable. > > -- > > David L. Strout > > Engineering Systems Plus, LLC > > > > ----- Original Message ----- > > Subject: Re: Re: [pfSense Support] firewall logs > > .... no show > > From: [EMAIL PROTECTED] > > To: [email protected] > > Date: 01-23-2006 6:03 pm > > > > > > > Just did a nmap ... > > > > > > Jan 23 18:02:49 WAN XXX.XXX.66.2:3672 > > 216.XXX.XX.X:689 TCP > > > Jan 23 18:02:49 WAN XXX.XXX.66.2:3671 > > 216.XXX.XX.X:673 TCP > > > > > > I really can't fathom why you're logs are STILL > > broken. I need > > > someone else to chime in here that is running > > BVE5. > > > > > > On 1/23/06, David Strout <[EMAIL PROTECTED]> > > wrote: > > > > I tried the BUG VAL 5 pfsemse.iso first but > > had > > > > problems with the ISO burning ... so I > > reverted to > > > > the BUG VAL 3. All went well on the install, > > but > > > > the logs issue still plagues me. > > > > -- > > > > David L. Strout > > > > Engineering Systems Plus, LLC > > > > > > > > ----- Original Message ----- > > > > Subject: Re: [pfSense Support] firewall logs > > .... > > > > no show > > > > From: [EMAIL PROTECTED] > > > > To: [email protected] > > > > Date: 01-23-2006 5:53 pm > > > > > > > > > > > > > Fresh install? If not please reinstall. > > > > > > > > > > On 1/23/06, David Strout > > <[EMAIL PROTECTED]> > > > > wrote: > > > > > > > > > > > > > > > > > > I am running 1.0b2rc5 and I am not seeing > > any > > > > firewall logs ... even when I > > > > > > have the "show raw logs" option checked. > > I > > > > had some problems with this in > > > > > > the first BETA1 release, but I thought it > > was > > > > fixed in this "bug validation" > > > > > > release. > > > > > > > > > > > > Anyone else experiencing the same issues? > > > > > > -- > > > > > > David L. Strout > > > > > > Engineering Systems Plus, LLC > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: > > > > [EMAIL PROTECTED] > > > > > For additional commands, e-mail: > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
