Freebsd – Creating pflog interface

freebsdnetworkingpf

I'm attempting to create a pflog interface using ifconfig so I can log to more than one file and when I attempt to execute the following command I get this error. I'm attempting this on a vanilla install of the latest FreeBSD.

freebsd# ifconfig create pflog1
ifconfig: interface create does not exist

Any ideas on how to create a second pflog interface? I cannot seem to find any documentation on this and all the books I can find refer to the above command as if it should work with no trouble… =(

Also some more errors:

freebsd# ifconfig -C
lo gif ppp tun faith
freebsd# ifconfig create ppp1
ifconfig: interface create does not exist

Best Answer

you can listen multiple times on the same pflog0 and use bpf filters to split them up

pflogd0 -f /var/log/pf.blocked action block
pflogd0 -f /var/log/pf.passed action pass
pflogd0 -f /var/log/pf.rule.15 rulenum 15
pflogd0 -f /var/log/pf.fxp0 on fxp0

PS. right syntax is ifconfig pflog1 create

Related Solutions

Freebsd – Apache22 on FreeBSD – Starts, does not respond to requests

Try the following:

pstree | less to find the master apache process pid
strace -p <pid> -f to watch the system calls from the process form step 1.
connect to apache with telnet or a web browser.

You may need to install pstree and strace from freebsd ports. You should see scrolling output from strace as it logs the system calls (file opens, etc.) generated by the running apache process. This should give you some clue as to whether apache is actually running and just not producing output for some reason.

This page about debugging apache contains the above info as well as other troubleshooting tips you can use.

Also you mention your access log but not your error log, have you looked at that? There could be some additional diagnostic info there.

EDIT: Duh, you did say you looked at error log, sorry. Also yes, truss is the default freebsd call tracing tool, not strace. Using truss is a better answer since you don't have to compile it from ports like strace.

Freebsd – I am going to chop the FreeBSD automounter into little pieces and boil them in oil

Why, hello there Lars! That's a fascinating question you've asked, and after some research I may have found an answer for you.

According to this and other posts out there, it may be possible to set the VFCF_JAIL attribute on the NFS filesystem provider, which would in theory allow jails to perform NFS mounts. This may, in turn, allow one to run amd inside the jail...which would neatly solve this issue.

I'll try rebuilding the kernel this evening to see how things work out. It's not necessarily the greatest solution (since it means you need to make sure this change persists across future kernel updates), but it would be interesting if it works.

And remember...

           ___________    ____                                           
    ______/   \__//   \__/____\                             
  _/   \_/  :           //____\\                             
 /|      :  :  ..      /        \                         
| |     ::     ::      \        /                             
| |     :|     ||     \ \______/     Don't try to rebuild the
| |     ||     ||      |\  /  |        kernel remotely because
 \|     ||     ||      |   / | \         you know you're just
  |     ||     ||      |  / /_\ \        going to hose the server.
  | ___ || ___ ||      | /  /    \    
   \_-_/  \_-_/ | ____ |/__/      \   
                _\_--_/    \      /   
               /____             /  
              /     \           /    
              \______\_________/

Best Answer

Related Solutions

Freebsd – Apache22 on FreeBSD – Starts, does not respond to requests

Freebsd – I am going to chop the FreeBSD automounter into little pieces and boil them in oil

Related Topic