[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
pflog and enc0 interface
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: pflog and enc0 interface
- From: Tim Kornau <opti_(_at_)_openbsd_(_dot_)_de>
- Date: Thu, 12 Dec 2002 02:33:22 +0100
- Cc: wbx_(_at_)_openbsd_(_dot_)_de
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org, wbx_(_at_)_openbsd_(_dot_)_de
- Reply-to: Tim Kornau <opti_(_at_)_openbsd_(_dot_)_de>
We have encounterd a phenomenon with pflog and the interface enc0
in a pf.conf that looks like this:
block in log all
block out log all
There are more rules, but for the explanation they don't matter if
anyone is interested in the whole pf.conf file, just drop a mail.
We have the interface enc0 up and running.
if we now do this command
tcpdump -n -e -ttt -i pflog0
We are not be able to see packages that are dropped on enc0.
If we add:
block in log on enc0 all
block out log on enc0 all
We will be able to see the blocked packages.
We do think that this might be a kind of misleading. If there is
anyone that has experienced an issue like this before, or if there is
any reference we would like to get some feedback.
Because we would like to know if this is normal behavior?
We did search the pf mailing list archives and looked through documentation,
but we could have missed something.
Thanks in advance
Tim Kornau & Waldemar Brodkorb
darksun rising over blood red sea