PF, The OpenBSD Packet Filter: Building The Network You Need: BSDCan, Ottawa, June 10th 2015 | ||
---|---|---|
Prev | Next |
Set the debug info level, equal to syslog levels from OpenBSD 4.7 on: emerg(panics), alert (serious errors), crit, err (default), warning (warnings), notice (unusual conditions), info, debug
Pre-4.7, possible values were none, urgent (default, equal to err), misc, loud, still accepted
useful when debugging, use set debug debug or use pfctl:
$ sudo pfctl -x debug $ tail -f /var/log/messages Oct 4 11:41:11 skapet /bsd: pf_map_addr: selected address 194.54.107.19 Oct 4 11:41:15 skapet /bsd: pf: loose state match: TCP 194.54.107.19:25 194.54.107.19:25 158.36.191.135:62458 [lo=3178647045 high=3178664421 win=33304 modulator=0 wscale=1] [lo=3111401744 high=3111468309 win=17376 modulator=0 wscale=0] 9:9 R seq=3178647045 (3178647044) ack=3111401744 len=0 ackskew=0 pkts=9:12 Oct 4 11:41:15 skapet /bsd: pf: loose state match: TCP 194.54.107.19:25 194.54.107.19:25 158.36.191.135:62458 [lo=3178647045 high=3178664421 win=33304 modulator=0 wscale=1] [lo=3111401744 high=3111468309 win=17376 modulator=0 wscale=0] 10:10 R seq=3178647045 (3178647044) ack=3111401744 len=0 ackskew=0 pkts=10:12 Oct 4 11:42:24 skapet /bsd: pf_map_addr: selected address 194.54.107.19
Lots of info, enough data for auto-DOS if you're not careful