Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Feature/fix request: New log handling in pfBlockerNG

    pfBlockerNG
    2
    3
    310
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • keyserK
      keyser Rebel Alliance
      last edited by

      @BBcan177 I'm a HUGE fan of your excellent pfBlockerNG package in pfSense [LOVE IT]

      But there is one (actually kind of two) major issue that really halts the usecases of pfBlockerNG
      The package does not play nice with any sort of central log management systems, and that makes it VERY hard to trace security related incidents where you need info on client behaviour.

      I would most humbly like to ask if you would consider making the below change soon:

      FIX: Change the log rotation scheme for pfb logfiles so anything monitoring/tailing a logfile does not get all events replayed on pfb update/rotation.
      NEW: Please add an independent syslogging option to each logfile so every new entry is also sent off system via Syslog - the format for the sent lines should the be syslog standard instead of CSV.

      I think the latter could be added in a very simple manner by just making the first FIX, and as part of that change the logfile format to syslog standard.
      Then you could use the pfsense built-in syslog setup by just placing a pfb.conf file in /var/etc/syslog.d as all .conf files there are included by default.

      I know this is asking a lot, so please accept my apology for asking it so directly.

      -Keyser

      Love the no fuss of using the official appliances :-)

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @keyser
        last edited by

        @keyser You can (also) put a feature request in at: https://redmine.pfsense.org/projects/pfsense-packages/issues?set_filter=1&tracker_id=2

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        keyserK 1 Reply Last reply Reply Quote 0
        • keyserK
          keyser Rebel Alliance @SteveITS
          last edited by

          @SteveITS Already did that by throwing My wheight Behind an existing ticket

          https://redmine.pfsense.org/issues/14878

          Love the no fuss of using the official appliances :-)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.