Date:      Wed, 23 Jul 2008 22:57:25 +0200
From:      Thomas Rasmussen <thomas@gibfest.dk>
To:        freebsd-pf@freebsd.org
Subject:   Re: Why this rule doesn't score a match?
Message-ID:  <48879B35.1060905@gibfest.dk>
In-Reply-To: <d39744a20807231221u11709fd0n434f05e57259375c@mail.gmail.com>
References:  <d39744a20807231025w42fc4a99ha1e99be5fd5c76b0@mail.gmail.com>	<48876DAD.9080100@optiksecurite.com>	<d39744a20807231127u11df822rc2022a70b1a1af3e@mail.gmail.com>	<d39744a20807231128j6641996i95ee8fec03053b6e@mail.gmail.com>	<488780A6.4010807@radel.com> <d39744a20807231221u11709fd0n434f05e57259375c@mail.gmail.com>

Ivan Petrushev wrote:
> Hi Jon,
> Aaahhh, I see now - these FROM rules must be TO rules :D
> Thank you both for your replies.
>
> I'm going to monitor the outbound connections as well, but I think I
> will be OK then. This was the little stone in the shoe.
> I've already managed to let ICMP through that 'block all' ;)
>
> Btw, I like the way pflog is working - deploying tcpdump on pflog0 and
> track down the logged packets. Is there a way to create another pflog
> device and use it for some different rules? I've seen there is an
> option to the 'log' keyword - (to pflogX), but I didn't manage to
> find out how to create more pflog devices.
>
> Regards,
> Ivan.
>   
Hello,

To create another pflog interface do:
ifconfig pflog1 create

And to create it at boot time add:
cloned_interfaces="pflog1"
to /etc/rc.conf

Regards

Thomas
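
How the second device can then be used from pf.conf, as an added example that is not part of the original message. The interface name em0, the ports and the choice of rules are assumptions made for illustration; `log (to pflog1)` is the option mentioned in the quoted question.

```conf
# /etc/pf.conf fragment (constructed example; em0 and the ports are assumed)
ext_if = "em0"

# Default deny. A plain "log" sends the packet header to pflog0.
block log all

# Inbound SSH attempts are still blocked, but logged to the second device
# so they can be watched separately from the rest of the blocked traffic.
# pf applies the last matching rule, so this one decides for port 22.
block in log (to pflog1) on $ext_if proto tcp from any to any port 22

# Outbound traffic passes; the state-creating packet is logged to pflog0.
pass out log on $ext_if proto { tcp, udp } from any to any keep state

# Create the device first:
#   ifconfig pflog1 create
# Then watch each device on its own:
#   tcpdump -n -e -ttt -i pflog0
#   tcpdump -n -e -ttt -i pflog1
```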


