OPNsense Forum
English Forums => Development and Code Review => Topic started by: dgktkr on November 18, 2019, 09:45:54 pm
-
Hi,
I'm running OPNsense 20.1 built from source for an arm device and things generally seem to work.
One thing that doesn't seem to work is logging for pf. It can be enabled in the web GUI, but nothing shows up when using the GUI to view the pf logs.
pf seems to be working properly because tcpdump -n -e -ttt -i pflog0 shows the expected information on filtered packets.
On the other hand, the usual logger daemon doesn't seem to be running: # ps -auxww | grep pflogd
root 37336 0.0 0.2 4632 2088 0 S+ 12:33 0:00.01 grep pflogd and there isn't any apparent log file for pf in /var/log. There's a bunch of other log files, for instance dhcpd.log, that are 511488B in size that look like circular logs.
Has a circular log for pf been implemented in 20.1 source code yet?
Edit: Further investigation seems to reveal that pf logging in OPNsense doesn't use the usual log daemon or log file. Instead, it looks like /usr/local/sbin/filterlog and /var/log/filter.log are used:# ps -auxww | grep filterlog
root 73740 0.0 0.2 5152 2104 - Ss 12:14 0:02.73 /usr/local/sbin/filterlog -i pflog0 -p /var/run/filterlog.pid
root 64192 0.0 0.2 4640 2096 0 S+ 16:06 0:00.01 grep filterlog
But no info is shown up in filter.log: root@OPNsense:/var/log # clog filter.log
root@OPNsense:/var/log # even thought tcpdump shows pflog0 pushing out info at a good rate.
So, is filterlog not working as expected? If not, why not?
-
Hi,
Since this is 20.1 and likely 12.1 and maybe not even the only supported platform amd64 there is no dev build to accommodate... you're on your own for the moment.
Cheers,
Franco