Logging and High Availability

  • I set up a high availability system with two Netgate appliances. Almost everything seems to be working fine. However, when I set rules to log I noticed that they are not actually logging. I think the imported rules are working fine (can't check them all), but when I create a new rule and check logging, the GUI shows that there is logging, but the pf rules are not logging (and there are no logs for those rules).

    Here's an example rule by running "pfctl -s rules" that should be logging and shows that it is in the GUI:

    pass in quick on igb0 reply-to (igb0 inet proto tcp from any to <elements_priv>port = http flags S/SA keep state label "USER_RULE: Allow http-https to elements.chem.umass.edu"

    Any suggestions?
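
A check for the mismatch described in the post above, as an added example that is not part of the original post: it reads `pfctl -s rules` output and prints the label of every user rule that lacks pf's `log` keyword, so the result can be compared with what the GUI shows. The function name `unlogged_user_rules` and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example: list user rules in `pfctl -s rules` output without `log`.
# On the firewall itself:  pfctl -s rules | unlogged_user_rules

unlogged_user_rules() {
    awk '
    /label "USER_RULE/ {
        rule = $0
        # Pull out the first USER_RULE label text for reporting.
        match(rule, /label "USER_RULE[^"]*"/)
        label = substr(rule, RSTART + 7, RLENGTH - 8)
        # Drop every quoted string so a description that contains the
        # word "log" is not mistaken for the pf keyword.
        gsub(/"[^"]*"/, "", rule)
        logged = 0
        n = split(rule, tok, /[ \t]+/)
        for (i = 1; i <= n; i++)
            if (tok[i] == "log") logged = 1
        if (!logged) print label
    }'
}

# Constructed sample rules (not taken from the post).
SAMPLE_RULES='pass in quick on igb0 inet proto tcp from any to <web_hosts> port = http flags S/SA keep state label "USER_RULE: Allow http to web hosts"
pass in log quick on igb0 inet proto tcp from any to <web_hosts> port = https flags S/SA keep state label "USER_RULE: Allow https to web hosts"
block drop in log quick on igb1 inet from any to any label "USER_RULE: Block and log guest"
pass in quick on igb1 inet proto udp from any to any port = domain keep state label "USER_RULE: Allow DNS, no log wanted"
block drop in log inet all label "Default deny rule IPv4"'

# Stand-alone run over the sample: prints the two rules loaded without logging.
printf '%s\n' "$SAMPLE_RULES" | unlogged_user_rules
```

Running the same function on both HA nodes shows whether the missing keyword is specific to one node's loaded ruleset.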


