Can't get remote logging of PPTP info working on 2.0RC3
Couldn't really find the best forum for this, so…..
After upgrading a box from 1.2.3 to 2.0-RC3 (Sept 11 snapshot), I noticed that the remote syslogging doesn't log all of the same information as 1.2.3 did. My main concern is the PPTP server logs (so I can easily go back through the logs to see the progress of an older PPTP connection). I currently have remote syslog enabled, and I have the "Everything" option checked. I see many log entries that come in (mostly firewall rule matches), but I never see the full PPTP log entries when some connects to the VPN. The only entries I see are one line entries that say when someone logs in or logs out.
Sep 15 16:59:11 firewall-office2 root: login,pptpd0,192.168.5.161,SOMEUSER
Is there something else I'm missing to get these log entries back? It sounds similar to this issue: http://forum.pfsense.org/index.php?topic=19090.0
When I check "PPTP VPN Events", I actually start getting IPsec logging entries (that weren't getting there before), but no PPTP entries. Here is what my /etc/syslog.conf looks like with "PPTP VPN Events" and "Everything" checked.
!ntpdate,!ntpd *.* %/var/log/ntpd.log !ppp *.* %/var/log/ppp.log !pptps *.* %/var/log/pptps.log !poes *.* %/var/log/poes.log !l2tps *.* %/var/log/l2tps.log !racoon *.* %/var/log/ipsec.log *.* @192.168.5.28 !openvpn *.* %/var/log/openvpn.log *.* @192.168.5.28 !apinger *.* %/var/log/apinger.log !relayd *.* %/var/log/relayd.log !-ntpd,racoon,openvpn,pptps,poes,l2tps local0.* %/var/log/filter.log local3.* %/var/log/vpn.log local4.* %/var/log/portalauth.log local7.* %/var/log/dhcpd.log *.notice;kern.debug;lpr.info;mail.crit; %/var/log/system.log news.err;local0.none;local3.none;local4.none; %/var/log/system.log local7.none %/var/log/system.log security.* %/var/log/system.log auth.info;authpriv.info;daemon.info %/var/log/system.log auth.info;authpriv.info |exec /usr/local/sbin/sshlockout_pf 15 *.emerg * local3.* @192.168.5.28 *.* @192.168.5.28