pfblockerng-dev fw stopped logging
-
Hi,
I recently installed pfblockerng-devel and since I enabled and configured it pfsense has stopped logging anything related to the firewall tab in the systemlogs. Initially I thought there was something broken in my pfsense install so I reinstalled it, manually restored certain parts of the firewall using a backup file (nat/fw rules/interfaces/openvpn/aliases). Installed all packages manually afterwards.
At this time I had not configured any packages yet and checked the logs to see if pfsense was still logging fw action. after verifying logging was ok I went ahead and configured the packages one after the other while checking logging in between packages (pkg list suricata/openvpn exporter/cron/ntopng also have getdns/stubby running on it).
The logging stopped again, this time I noticed it happened after enabling pfblockerng..
does this package mess with syslogd ? checked the services and syslogd was still running. i did notice a term signal 15 to syslogd service.. service is still running.
manually stopped the syslogd process through shell and restarted, this did not make a difference. Pfsense logs everthing except the fw tab..
has anyone seen noticed the same before? How can I diagnose the problem regarding logging and get it fixed ?
thanks!
-
The package doesn't touch syslogd. It reads the firewall log and saves pfBlockerNG events to its own log files.
What are you configuring in the package? Can you post a screenshot of the widget? Any errors in the pfblockerng.log or pfSense system log?
-
Hi,
Thanks for your reply. I restored a VM backup up to the time the logging stopped. When reconfiguring pfblocker I made a change to the VIP address to be anything other then ending in a .1 and changed the max lines per log to 1000 instead of 20000. This seems to have solved my problem. Logging works now with all packages I have installed.
