pfSense

System log:

Apr 18 08:48:00 fw1 sshguard[24159]: Now monitoring attacks.

Apr 18 09:04:00 fw1 sshguard[24159]: Exiting on signal.

Apr 18 09:04:00 fw1 sshguard[39953]: Now monitoring attacks.

Apr 18 09:19:00 fw1 sshguard[39953]: Exiting on signal.

Apr 18 09:19:00 fw1 sshguard[27967]: Now monitoring attacks.

Apr 18 09:34:00 fw1 sshguard[27967]: Exiting on signal.

Apr 18 09:34:00 fw1 sshguard[13151]: Now monitoring attacks.

Apr 18 09:36:00 fw1 sshguard[13151]: Exiting on signal.

Apr 18 09:36:00 fw1 sshguard[38117]: Now monitoring attacks.

Apr 18 09:50:00 fw1 sshguard[38117]: Exiting on signal.

Apr 18 09:50:00 fw1 sshguard[50187]: Now monitoring attacks.

Apr 18 10:09:29 fw1 syslogd: kernel boot file is /boot/kernel/kernel

Apr 18 10:09:29 fw1 kernel: ---<<BOOT>>---

Apr 18 10:09:29 fw1 kernel: Copyright (c) 1992-2021 The FreeBSD Project.

Apr 18 10:09:29 fw1 kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994

IPSec log:

Apr 18 09:54:34 fw1 charon[1823]: 11[NET] <con3|5355> sending packet: from FW-IP[4500] to RANDOM-IP[4500] (80 bytes)

Apr 18 09:54:34 fw1 charon[1823]: 11[NET] <con3|5355> received packet: from RANDOM-IP[4500] to FW-IP[4500] (80 bytes)

Apr 18 09:54:34 fw1 charon[1823]: 11[ENC] <con3|5355> parsed INFORMATIONAL response 292 [ ]

Apr 18 09:54:34 fw1 charon[1823]: 11[IKE] <con3|5355> activating new tasks

Apr 18 09:54:34 fw1 charon[1823]: 11[IKE] <con3|5355> nothing to initiate

Apr 18 09:54:35 fw1 charon[1823]: 11[IKE] <con1|5341> sending DPD request

Apr 18 09:54:35 fw1 charon[1823]: 11[IKE] <con1|5341> queueing IKE_DPD task

Apr 18 09:54:35 fw1 charon[1823]: 11[IKE] <con1|5341> activating new tasks

Apr 18 09:54:35 fw1 charon[1823]: 11[IKE] <con1|5341>   activating IKE_DPD task

Apr 18 09:54:35 fw1 charon[1823]: 11[ENC] <con1|5341> generating INFORMATIONAL request 5610 [ ]

Apr 18 09:54:35 fw1 charon[1823]: 11[NET] <con1|5341> sending packet: from FW-IP[500] to RANDOM-IP[500] (80 bytes)

Apr 18 09:54:35 fw1 charon[1823]: 11[NET] <con1|5341> received packet: from XXXX[500] to FW-IP[500] (80 bytes)

Apr 18 09:54:35 fw1 charon[1823]: 11[ENC] <con1|5341> parsed INFORMATIONAL response 5610 [ ]

Apr 18 09:54:35 fw1 charon[1823]: 11[IKE] <con1|5341> activating new tasks

Apr 18 09:54:35 fw1 charon[1823]: 11[IKE] <con1|5341> nothing to initiate

Apr 18 10:13:45 fw1 charon[89416]: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.6, FreeBSD 12.3-STABLE, amd64)

Apr 18 10:13:45 fw1 charon[89416]: 00[CFG] PKCS11 module '<name>' lacks library path

Apr 18 10:13:45 fw1 charon[89416]: 00[KNL] unable to set UDP_ENCAP: Invalid argument

Apr 18 10:13:45 fw1 charon[89416]: 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed

Apr 18 10:13:45 fw1 charon[89416]: 00[CFG] loading unbound resolver config from '/etc/resolv.conf'

Apr 18 10:13:45 fw1 charon[89416]: 00[CFG] loading unbound trust anchors from '/usr/local/etc/ipsec.d/dnssec.keys'

Apr 18 10:13:45 fw1 charon[89416]: 00[CFG] ipseckey plugin is disabled

Apr 18 10:13:45 fw1 charon[89416]: 00[CFG] loading ca certificates from '/usr/local/etc/ipsec.d/cacerts'

Gatways log:

Apr 18 10:09:36 fw1 dpinger[57081]: send_interval 500ms  loss_interval 2000ms  time_period 60000ms  report_interval 0ms  data_len 1  alert_interval 1000ms  latency_alarm 500ms  loss_alarm 20%  dest_addr ISP  bind_addr FW-IP  identifier "GW_WAN_2 "

Apr 18 10:09:36 fw1 dpinger[57657]: send_interval 500ms  loss_interval 2000ms  time_period 60000ms  report_interval 0ms  data_len 1  alert_interval 1000ms  latency_alarm 500ms  loss_alarm 20%  dest_addr 192.168.100.3  bind_addr 192.168.100.90  identifier "IPMI_DHCP "

Apr 18 10:09:37 fw1 dpinger[57081]: exiting on signal 15

Resolver log:

[2.7.0-DEVELOPMENT][admin@]/var/log: tail -3000 resolver.log |more

Apr 18 10:15:00 fw1 newsyslog[24241]: logfile turned over due to size>878K