Project

General

Profile

Actions

Bug #2122

closed

Todo #2109: pfSense on FreeBSD 10.x

pf log output slightly different in FreeBSD 10

Added by Jim Pingle almost 13 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
Start date:
01/20/2012
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.2
Affected Architecture:

Description

We can collect any issues we find with pf log output being different on FreeBSD 9 here, and the fallout.

First:
The rule number in the log file is showing up differently than it used to:

Jan 20 19:16:37 pfSense pf: 00:00:01.019773 rule 1..16777216/0(match): block in on ovpnc1: (tos 0x0, ttl 64, id 31861, offset 0, flags [none], proto ICMP (1), length 84)
Jan 20 19:16:37 pfSense pf:     10.0.97.1 > 192.168.18.1: ICMP echo request, id 60625, seq 9, length 64

I'm not sure what the 1..16777216/0 is supposed to indicate, but the rule that blocked that traffic was:

@64 block drop in quick on em0 reply-to (em0 192.168.197.2) inet proto icmp all label "USER_RULE: block ping" 
  [ Evaluations: 20        Packets: 1         Bytes: 60          States: 0     ]
  [ Inserted: uid 0 pid 63203 State Creations: 0     ]

(also not sure why block got a reply-to, but that's probably unrelated)

Actions

Also available in: Atom PDF