Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Logging and High Availability

    HA/CARP/VIPs
    1
    1
    352
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      johnchem.umass.edu
      last edited by

      I set up a high availability system with two Netgate appliances. Almost everything seems to be working fine. However, when I set rules to log I noticed that they are not actually logging. I think the imported rules are working fine (can't check them all), but when I create a new rule and check logging, the GUI shows that there is logging, but the pf rules are not logging (and there are no logs for those rules).

      Here's an example rule by running "pfctl -s rules" that should be logging and shows that it is in the GUI:

      pass in quick on igb0 reply-to (igb0 128.119.52.254) inet proto tcp from any to <elements_priv>port = http flags S/SA keep state label "USER_RULE: Allow http-https to elements.chem.umass.edu"

      Any suggestions?

      Thanks.

      John</elements_priv>

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.