Firewall Log Missing

m3usv0x · Apr 6, 2014, 7:51 PM

In the GUI, System Logs, firewall tab, nothing is displayed whatsoever.
I checked and the log exists and is being populated.
Checking "show raw filter logs", the GUI properly displays its contents.

Would like a solution, not seriously crucial; just bringing this to attention.

jimp · Apr 7, 2014, 6:59 PM

That area is being worked on.

We're moving to a custom log daemon to take the pf logs and put them into an easy-to-parse one line CSV style.

fragsteel · Apr 19, 2014, 11:30 PM

Is there any place we can track progress on this? Or even possibly help out?

If not, is there any rough ETA?

Thanks!

m3usv0x · Apr 29, 2014, 5:10 AM

This is apparently fixed now, however after just installing the latest snapshot it doesn't seem to be functioning.
I still have to have raw logs enabled.

eri-- · Apr 29, 2014, 8:12 AM

So you have raw logs configured?

m3usv0x · Apr 29, 2014, 5:27 PM

Yes, that's correct.

I saw from a post made later than mine, where you Ermal, said that it's working now. I installed the snapshot from last night.
However, upon my own trial the only way I can see any output in the firewall log is to have raw logs enabled.

jimp · Apr 29, 2014, 5:31 PM

It's working for me on the latest snapshot(s), I get more than I really need :-)

Lots of rules we have set to pass log out for some reason on 2.2, but it's definitely working to parse the logs. The device and VM I was testing are amd64 though. Are you running amd64 or i386?

m3usv0x · Apr 29, 2014, 5:42 PM

i386, Mr. Sir.

m3usv0x · May 5, 2014, 2:24 AM

Still no log as of the 4th of May build on AMD64.

charliem · May 5, 2014, 12:38 PM

@m3usv0x:

Still no log as of the 4th of May build on AMD64.

Same here, x86-64 build. Log file is normal, but nothing in the gui. What daemon debugging do you want?

NeverSimple · May 6, 2014, 5:08 PM

2.2-ALPHA (amd64)
built on Tue May 06 04:01:46 CDT 2014

Something is indeed still wrong, no firewall log output on the GUI. If I enable 'raw logs' there are entries in the 'normal view'; 'dynamic view' & 'summary view' stay empty.

I also seem to have problems with the 'system log: settings'. I changed the log file size to 1000000 bytes to experiment, on one of the earlier snapshots. Now whatever I put in as size (including 0) it always comes back to 1000000. Whenever I try to change this setting I get: 'Do you really want to reset the log files? This will erase all local log data.' and click 'OK'. After a second or so, a message appears telling:'The log files have been reset.' The log file size mentioned in the same section never changes however, It always stays on 18M. The 'reset log file' button on the same page also doesn't seem to change anything.

jimp · May 7, 2014, 4:31 PM

I haven't see that issue with the file size adjustment. You would not want to set it to zero, but it should let you leave it blank.

(posted this part in another thread, but copying here)
[The rules were] working but had broken again… This morning it appears to be OK. The rule lookup code is fixed in the repo now, the current snapshot will do rule lookups when you click on the action icon, but the row/column description display doesn't work until the commit I pushed a few minutes ago.

So by the next snapshot (or current snap + gitsync to master) it should be OK all around.

jimp · May 7, 2014, 4:36 PM

@NeverSimple:

I also seem to have problems with the 'system log: settings'. I changed the log file size to 1000000 bytes to experiment, on one of the earlier snapshots. Now whatever I put in as size (including 0) it always comes back to 1000000. Whenever I try to change this setting I get: 'Do you really want to reset the log files? This will erase all local log data.' and click 'OK'. After a second or so, a message appears telling:'The log files have been reset.' The log file size mentioned in the same section never changes however, It always stays on 18M. The 'reset log file' button on the same page also doesn't seem to change anything.

OK I think I see what you're doing. The "Reset Log Files" button does not save the setting. You change the value, press save, then press Reset Log Files to clear the logs. The description on the option doesn't specifically say you have to save first, so I'll change the description.

NeverSimple · May 7, 2014, 7:28 PM

@jimp:

The "Reset Log Files" button does not save the setting. You change the value, press save, then press Reset Log Files to clear the logs. The description on the option doesn't specifically say you have to save first, so I'll change the description.

That does seem to work. With your explanation it seems perfectly logical, but maybe not very intuitive? Adding to the description would be a good idea.

@jimp:

I haven't see that issue with the file size adjustment. You would not want to set it to zero, but it should let you leave it blank.

I was just trying different values, but I'm almost 100% sure that 'zero' was in there as default. If a value like zero isn't allowed, then maybe there could be a check for it?

Anyway, thanks for the explanation.

phil.davis · May 8, 2014, 1:04 AM

I had also recently changed the note to "Reset Log Files" button to add "Use the Save button first if you have made any setting changes."
Hopefully with JimP's added explanation in the other spot also, there is enough text there for people to know what to do.

m3usv0x · May 8, 2014, 8:16 PM

Any word on the status of this?

jimp · May 8, 2014, 8:33 PM

It's working on i386 but not amd64.

As a reminder, 2.2 is still alpha so we're working on bigger things right now (e.g. captive portal, ipsec) and some things like this can wait a bit.

There is a ticket here: https://redmine.pfsense.org/issues/3648

m3usv0x · May 8, 2014, 11:24 PM

@jimp:

It's working for me on the latest snapshot(s), I get more than I really need :-)

Lots of rules we have set to pass log out for some reason on 2.2, but it's definitely working to parse the logs. The device and VM I was testing are amd64 though. Are you running amd64 or i386?

@jimp:

It's working on i386 but not amd64.

As a reminder, 2.2 is still alpha so we're working on bigger things right now (e.g. captive portal, ipsec) and some things like this can wait a bit.

There is a ticket here: https://redmine.pfsense.org/issues/3648

Regardless of alpha state, imagine my confusion until you clarified versions.
That was way more helpful than reminding me it's in alpha.
There's enough disclaimers that it's alpha, posting in the alpha section of the forum is kind of a prerequisite of understanding.
Also, maybe it was helpful for someone to understand it works on 86 but not on 64 in the dev team.

I'm anxiously awaiting this being solved whenever someone has time to rectify it.
I'll monitor the bugtracker, thanks.

fragsteel · May 9, 2014, 2:01 AM

@jimp:

It's working on i386 but not amd64.

As a reminder, 2.2 is still alpha so we're working on bigger things right now (e.g. captive portal, ipsec) and some things like this can wait a bit.

There is a ticket here: https://redmine.pfsense.org/issues/3648

Thanks for the issue link.

jimp · May 9, 2014, 2:16 AM

The alpha reminder was mainly aimed at the repeated status queries. We know there are issues yet but we have to prioritize/triage.