Re: How to skip broadcast in pf logs
From: Daniel Hartmeier (daniel_at_benzedrine.cx)
Date: 09/23/03
- Next message: RedDrake: "Re: Setting Up A OpenBSD Router"
- Previous message: Gudlyf: "Bug in -current ports for tightvnc"
- In reply to: FM: "How to skip broadcast in pf logs"
- Next in thread: FM: "Re: How to skip broadcast in pf logs"
- Reply: FM: "Re: How to skip broadcast in pf logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 23 Sep 2003 16:59:14 GMT
On 23 Sep 2003 08:44:21 -0700, FM wrote:

> No 'log' word and added 'quick'. These annoying broadcast packets are
> still logged, in spite of my attempts to avoid it. Why?

Make sure you have successfully reloaded the ruleset after editing it.
pfctl -f /etc/pf.conf should produce no error message, and pfctl -sr
should show the newly loaded rules. If those block rules really come
first, they should drop matching packets without logging. Show us
a pflog entry, maybe the reason for logging is not matching a log
rule, but IP options or short packets.

> And how do I track a certain rule number. For example, rule #34,
> "17:38:10.370695 rule 34/0(match): block in on.."
> 'pfctl -s rules' doesn't show number of each rule.

pfctl -vvsr prints @nr in front of each rule, those numbers relate
to the numbers mentioned by pflog.

Daniel
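
The rule-number lookup described in the reply above, as an added example that is not part of the original post: it joins the `rule N/…(reason)` field of pflog lines to the `@N` rules printed by `pfctl -vvsr` and reports whether each logged rule carries the `log` keyword. The function name, file names, and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: map pflog rule numbers back to the loaded ruleset.
# Live inputs would be:  pfctl -vvsr > rules.txt
#                        tcpdump -n -e -ttt -r /var/log/pflog > pflog.txt
# Both samples below are constructed, not taken from the original post.
sample_rules() {
cat <<'EOF'
@0 block drop in quick on fxp0 inet from any to 192.168.1.255
  [ Evaluations: 1520  Packets: 311  Bytes: 71219  States: 0 ]
@1 block drop in log on fxp0 all
  [ Evaluations: 1209  Packets: 42  Bytes: 2520  States: 0 ]
EOF
}
sample_pflog() {
cat <<'EOF'
17:38:10.370695 rule 1/0(match): block in on fxp0: 10.0.0.7.4312 > 192.168.1.2.23: S 1:1(0) win 16384
17:38:11.120034 rule 0/0(match): block in on fxp0: 192.168.1.5.138 > 192.168.1.255.138: udp 201
17:38:12.000481 rule 1/0(match): block in on fxp0: 10.0.0.9.1044 > 192.168.1.2.80: S 1:1(0) win 16384
17:38:13.551207 rule 34/0(match): block in on fxp0: 192.168.1.6.137 > 192.168.1.255.137: udp 50
EOF
}
# Usage: map_pflog_rules RULES_FILE PFLOG_FILE  (hypothetical helper)
# Output columns (tab-separated): rule nr, reason, hits, verdict, rule text
map_pflog_rules() {
  awk -v rules="$1" '
    BEGIN {   # index "@nr rule text" lines; the counter lines are skipped
      while ((getline line < rules) > 0)
        if (line ~ /^@[0-9]+ /) {
          nr = line; sub(/^@/, "", nr); sub(/ .*/, "", nr)
          sub(/^@[0-9]+ +/, "", line); rule[nr] = line
        }
    }
    match($0, /rule [0-9]+\/[0-9]+\([^)]*\)/) {
      tag = substr($0, RSTART + 5, RLENGTH - 6)    # e.g. "34/0(match"
      nr = tag; sub(/\/.*/, "", nr)                # rule number
      reason = tag; sub(/.*\(/, "", reason)        # reason pf recorded
      hits[nr "\t" reason]++
    }
    END {
      for (k in hits) {
        split(k, p, "\t"); nr = p[1]
        if (!(nr in rule))                   verdict = "not-loaded"      # stale log or ruleset not reloaded
        else if (rule[nr] ~ /(^| )log( |$)/) verdict = "log-rule"        # logging is expected
        else                                 verdict = "no-log-keyword"  # check reason and reload time
        printf "%s\t%s\t%d\t%s\t%s\n", nr, p[2], hits[k], verdict, (nr in rule ? rule[nr] : "-")
      }
    }' "$2" | sort -n
}
tmp=$(mktemp -d) && sample_rules > "$tmp/rules.txt" && sample_pflog > "$tmp/pflog.txt" && map_pflog_rules "$tmp/rules.txt" "$tmp/pflog.txt"
```

A `not-loaded` or `no-log-keyword` verdict points back at the two checks in the reply: confirm the ruleset actually reloaded, and look at the reason field instead of assuming a `log` rule matched.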