Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No firewall logs in 2.5.0 snapshot

    2.5 Development Snapshots (Retired)
    4
    10
    418
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      strangegopher
      last edited by

      I don't see any firewall logs after doing fresh install from image (restore config.xml and reinstalled packages)

      Here is the output of /var/log/filter.log

      Mar 18 11:34:36 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:34:49 router filterlog[70359]: 173,,,1770008575,igb2.101,match,block,in,0,bad-hlen=0),0
Mar 18 11:35:11 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:35:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:35:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:35:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:35:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=4),10
Mar 18 11:35:25 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:35:45 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:36:55 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-hlen=0),2
Mar 18 11:37:21 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:37:22 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:37:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:37:55 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 11:37:56 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:38:07 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=16),1
Mar 18 11:38:17 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:38:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:38:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:39:20 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:39:47 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:39:57 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:39:58 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:40:04 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:11 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:40:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:41:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-len=0,2
Mar 18 11:41:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:41:26 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:41:38 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,4,bad-len=0,
Mar 18 11:42:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=4),10
Mar 18 11:42:05 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:42:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-hlen=4),2
Mar 18 11:42:18 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 11:42:51 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:43:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-hlen=4),12
Mar 18 11:43:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:43:25 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:43:26 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-hlen=16),11
Mar 18 11:43:41 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=12),1
Mar 18 11:43:47 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-hlen=16),15
Mar 18 11:44:11 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-hlen=8),7
Mar 18 11:44:16 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=12),10
Mar 18 11:44:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-hlen=12),15
Mar 18 11:44:48 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 11:45:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-len=0,1
Mar 18 11:45:31 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=16),1
Mar 18 11:46:29 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-len=0,15
Mar 18 11:46:38 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:46:41 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 11:46:45 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 11:47:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:47:52 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 11:47:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:48:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:48:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 11:48:03 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:48:10 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 11:48:30 router filterlog[70359]: 4,,,1000000103,igb3,match,block,iCLOGm๏ฟฝ๏ฟฝ
      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Can you run clog /var/log/filter.log and post that instead? You posted the binary version which may not exactly match the text version.

        There is probably something in filterlog that needs updated to match pf on FreeBSD 12

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        S 1 Reply Last reply Reply Quote 0
        • S
          strangegopher @jimp
          last edited by

          @jimp here it is:

          Mar 18 11:36:55 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-hlen=0),2
Mar 18 11:37:21 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:37:22 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:37:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:37:55 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 11:37:56 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:38:07 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=16),1
Mar 18 11:38:17 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:38:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:38:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:39:20 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:39:47 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:39:57 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:39:58 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:40:04 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:11 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:40:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:40:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:41:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-len=0,2
Mar 18 11:41:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:41:26 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:41:38 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,4,bad-len=0,
Mar 18 11:42:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=4),10
Mar 18 11:42:05 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:42:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-hlen=4),2
Mar 18 11:42:18 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 11:42:51 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:43:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-hlen=4),12
Mar 18 11:43:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:43:25 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:43:26 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-hlen=16),11
Mar 18 11:43:41 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=12),1
Mar 18 11:43:47 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-hlen=16),15
Mar 18 11:44:11 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-hlen=8),7
Mar 18 11:44:16 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=12),10
Mar 18 11:44:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-hlen=12),15
Mar 18 11:44:48 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 11:45:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-len=0,1
Mar 18 11:45:31 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=16),1
Mar 18 11:46:29 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-len=0,15
Mar 18 11:46:38 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:46:41 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 11:46:45 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 11:47:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:47:52 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 11:47:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:48:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:48:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 11:48:03 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:48:10 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 11:48:30 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:48:33 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:48:47 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,6,error='truncated-ip6 - 12038 bytes missing!',0x0a,0x50000,41,unknown,250,12038,c3b5:1828:6037:f498:a67f:17:6037:f498,::6002:a420:c855:0:204:550,
Mar 18 11:48:50 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-hlen=4),7
Mar 18 11:49:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,6,truncated-ip6=36,
Mar 18 11:49:19 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-hlen=12),11
Mar 18 11:49:23 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 11:49:32 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:49:37 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:50:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-len=0,2
Mar 18 11:50:05 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:50:51 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,6,truncated-ip6=36,
Mar 18 11:51:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 11:51:17 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=4),0
Mar 18 11:51:21 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 11:51:22 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-len=0,1
Mar 18 11:51:27 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:51:31 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-len=0,1
Mar 18 11:51:46 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-len=0,11
Mar 18 11:51:53 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-hlen=16),7
Mar 18 11:52:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-len=0,9
Mar 18 11:52:36 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=12),1
Mar 18 11:52:40 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-len=0,15
Mar 18 11:53:21 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:53:40 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 11:53:45 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-len=0,8
Mar 18 11:54:16 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,4,bad-len=0,
Mar 18 11:54:20 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-hlen=4),13
Mar 18 11:54:23 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,9,bad-hlen=8),9
Mar 18 11:54:35 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-hlen=4),8
Mar 18 11:54:57 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:55:12 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 11:55:46 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 11:56:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-hlen=8),7
Mar 18 11:56:13 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:56:35 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 11:57:35 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-len=0,11
Mar 18 11:57:42 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,15,bad-len=0,15
Mar 18 11:58:03 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 11:58:17 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,4,bad-len=0,
Mar 18 11:58:28 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,6,truncated-ip6=36,
Mar 18 11:59:06 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=12),10
Mar 18 11:59:07 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 11:59:16 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-len=0,1
Mar 18 12:00:04 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-hlen=8),3
Mar 18 12:00:09 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-hlen=0),11
Mar 18 12:00:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-hlen=8),10
Mar 18 12:00:42 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 12:00:58 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 12:01:22 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,8,bad-hlen=16),8
Mar 18 12:01:24 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 12:01:55 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-len=0,11
Mar 18 12:02:13 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 12:02:45 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 12:03:26 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-len=0,0
Mar 18 12:03:51 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-hlen=0),12
Mar 18 12:04:10 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-len=0,13
Mar 18 12:04:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 12:04:14 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-len=0,11
Mar 18 12:04:20 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,1,bad-hlen=0),1
Mar 18 12:04:21 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 12:04:27 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-len=0,7
Mar 18 12:04:38 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,5,bad-len=0,5
Mar 18 12:04:47 router filterlog[70359]: 173,,,1770008575,igb2.101,match,block,in,0,bad-hlen=0),0
Mar 18 12:04:51 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,14,bad-len=0,14
Mar 18 12:05:11 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,10,bad-len=0,10
Mar 18 12:05:13 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,11,bad-len=0,11
Mar 18 12:05:48 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 12:05:52 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-hlen=12),3
Mar 18 12:05:54 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,3,bad-len=0,3
Mar 18 12:06:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 12:06:00 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,13,bad-hlen=16),13
Mar 18 12:06:01 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 12:06:03 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 12:06:07 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 12:06:10 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,12,bad-len=0,12
Mar 18 12:06:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,0,bad-hlen=0),0
Mar 18 12:06:26 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,2,bad-len=0,2
          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            @strangegopher said in No firewall logs in 2.5.0 snapshot:

            Mar 18 11:48:47 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,6,error='truncated-ip6 - 12038 bytes missing!',0x0a,0x50000,41,unknown,250,12038,c3b5:1828:6037:f498:a67f:17:6037:f498,::6002:a420:c855:0:204:550,
            Mar 18 11:48:50 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,7,bad-hlen=4),7
            Mar 18 11:49:15 router filterlog[70359]: 4,,,1000000103,igb3,match,block,in,6,truncated-ip6=36,

            I checked on one of mine and it had similar errors.

            I opened https://redmine.pfsense.org/issues/9411 to track this.

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            S 1 Reply Last reply Reply Quote 1
            • S
              strangegopher @jimp
              last edited by

              @jimp here is what pflog0 tcpdump looks like

              # tcpdump -n -e -ttt -i pflog0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes
 00:00:00.000000 rule 4/0(match): block in on igb3: IP0 
 00:00:00.510115 rule 4/0(match): block in on igb3: IP14 
 00:00:00.514933 rule 4/0(match): block in on igb3: IP12 
 00:00:00.514640 rule 4/0(match): block in on igb3: IP7 
 00:00:00.515169 rule 4/0(match): block in on igb3: IP5 
 00:00:00.514514 rule 4/0(match): block in on igb3: IP2 
 00:00:00.514623 rule 4/0(match): block in on igb3: IP14 
 00:00:01.033917 rule 4/0(match): block in on igb3: IP1 
 00:00:00.512524 rule 4/0(match): block in on igb3: IP13 
 00:00:14.935477 rule 4/0(match): block in on igb3: IP0 
 00:00:01.006694 rule 4/0(match): block in on igb3: IP0 
 00:00:02.016589 rule 4/0(match): block in on igb3: IP0 
 00:00:04.130374 rule 4/0(match): block in on igb3: IP0 
 00:00:08.193228 rule 4/0(match): block in on igb3: IP0 
 00:00:01.219353 rule 4/0(match): block in on igb3: IP3
              1 Reply Last reply Reply Quote 0
              • K
                kossie
                last edited by kossie

                I'm having same issue aswell.

                Firewall is blocking/allowing stuff as normal but isn't recording it in the logs.

                1 Reply Last reply Reply Quote 0
                • JeGrJ
                  JeGr LAYER 8 Moderator
                  last edited by 

                  Mar 19 12:26:15 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,6,error='truncated-ip6 - 65380 bytes missing!',0x96,0xd0000,186,unknown,109,65392,a00:fa0b:e000:12:21fa:7:1:1562,4ed5:3f5:c85:cfc1:7985:f0e8:d619:7bee,
Mar 19 12:26:15 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:16 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:16 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:16 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,6,error='truncated-ip6 - 65380 bytes missing!',0x7d,0x70000,80,unknown,111,65392,a00:fa0b:e000:12:21fa:7:1:1562,4ed5:3f5:c85:cfc1:7985:f0e8:d619:7bee,
Mar 19 12:26:17 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,11,bad-len=0,11
Mar 19 12:26:17 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:17 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:18 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:18 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:18 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,2,bad-hlen=0),2
Mar 19 12:26:19 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:19 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:19 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,3,bad-len=0,3
Mar 19 12:26:20 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,6,error='truncated-ip6 - 65380 bytes missing!',0xce,0xd0000,58,unknown,106,65392,a00:fa0b:e000:12:21fa:7:1:1562,4ed5:3f5:c85:cfc1:7985:f0e8:d619:7bee,
Mar 19 12:26:20 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:20 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:21 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:21 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:21 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,13,bad-hlen=16),13
Mar 19 12:26:22 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,15,bad-len=0,15
Mar 19 12:26:22 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:22 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:23 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:23 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:23 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,9,bad-len=0,9
Mar 19 12:26:24 pfs-devel filterlog[8249]: 6,,,1000000105,em0,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:24 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0
Mar 19 12:26:24 pfs-devel filterlog[8249]: 4,,,1000000103,em0,match,block,in,4,bad-len=0,
Mar 19 12:26:25 pfs-devel filterlog[8249]: 6,,,1000000105,em1,match,block,in,0,bad-hlen=0),0

                  That's my filterlog. But I'm missing blocks that actually should appear on em0 / WAN as I forced connections from the system in front of it to ports like 12345/tcp to show up. But no sign of it.

                  Greets

                  Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

                  If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    We are still investigating. This happened ~3 years ago, I think when we moved to FreeBSD 11 the first time. A data structure in pf changed size or layout and filterlog had to be changed to match. Until we get that fixed, it doesn't matter what you see in the log, it's all wrong.

                    Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 2
                    • S
                      strangegopher
                      last edited by

                      Just updated to latest snapshot and I see logs again!
                      I see invalid filterlog bug is still in progress so I am probably not seeing all the logs.
                      But something is better than nothing for now.

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by jimp

                        There were two bugs at play here, both of which should be corrected on current snapshots:

                        • filterlog needed adjusting for 64-bit platforms: https://redmine.pfsense.org/issues/9411
                        • The firewall log parser needed adjusting for a slight change in the syslog format of the process name: https://redmine.pfsense.org/issues/9415

                        Even though that bug is marked "in progress" it's most likely fixed everywhere.

                        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 2
                        • First post
                          Last post