I Agree with bill good spotting to find the errors. But that is what beta is about.
ALPHA new features and development BETA bug fixes and patches -----Original Message----- From: David Strout [mailto:[EMAIL PROTECTED] Sent: 07 January 2006 10:55 To: support@pfsense.com Subject: [pfSense Support] LOGGING ISSUE I have posted this before and got but a hand in the air "can't replicate/explain it" So, here it is again w/ more background info. I have installed BETA1 with a from scratch config and I get all TCP packets showing up in the "formatted" log as ESP packets. FORMATTED LOG OUTPUT: Jan 7 05:37:49 WAN 66.79.231.100:22034 24.39.185.78:1026 UDP Jan 7 05:36:52 WAN 24.39.106.226.7984 24.39.185.78.445 ESP Jan 7 05:36:49 WAN 24.39.106.226.7984 24.39.185.78.445 ESP Jan 7 05:36:30 WAN 24.39.251.195.1618 24.39.185.78.139 ESP Jan 7 05:36:27 WAN 24.39.251.195.1618 24.39.185.78.139 ESP Jan 7 05:33:27 WAN 24.182.13.124:13100 24.39.185.78:1026 UDP RAW LOG OUTPUT: Jan 7 05:37:49 pf: 57. 064296 rule 31/0(match): block in on fxp1: 66.79.231.100.22034 > 24.39.185.78.1026: UDP, length 791 Jan 7 05:36:52 pf: 2. 998852 rule 31/0(match): block in on fxp1: 24.39.106.226.7984 > 24.39.185.78.445: S 225686055:225686055(0) win 64240 <mss 1440,nop,nop,sackOK> Jan 7 05:36:49 pf: 19. 301636 rule 31/0(match): block in on fxp1: 24.39.106.226.7984 > 24.39.185.78.445: S 225686055:225686055(0) win 64240 <mss 1440,nop,nop,sackOK> Jan 7 05:36:30 pf: 2. 924214 rule 31/0(match): block in on fxp1: 24.39.251.195.1618 > 24.39.185.78.139: S 4104974480:4104974480(0) win 65535 <mss 1460,nop,nop,sackOK> Jan 7 05:36:27 pf: 179. 471810 rule 31/0(match): block in on fxp1: 24.39.251.195.1618 > 24.39.185.78.139: S 4104974480:4104974480(0) win 65535 <mss 1460,nop,nop,sackOK> Jan 7 05:33:27 pf: 198. 370880 rule 31/0(match): block in on fxp1: 24.182.13.124.13100 > 24.39.185.78.1026: UDP, length 939 Upon closer inspection (Scott) it looks like the TCP packets are being "non-reported" either UDP or TCP, so it looks like pfS or maybe BSD doesn't know how to classify them ... and thereby stamping ESP on them. Hardware is as follows .... ===== WAN MAC Address Prefix 00508B -> COMPAQ COMPUTER CO fxp1: <Intel 82558 Pro/100 Ethernet> port 0xbc00-0xbc1f mem 0xe1300000-0xe1300fff,0xe1000000-0xe10fffff irq 5 at device 9.0 on pci0 miibus1: <MII bus> on fxp1 inphy1: <i82555 10/100 media interface> on miibus1 inphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp1: Ethernet address: 00:50:8b:08:28:3d ===== LAN MAC Address Prefix 0008C7 -> compaq computer corporation fxp0: <Intel 82558 Pro/100 Ethernet> port 0xb800-0xb81f mem 0xe1301000-0xe1301fff,0xe1100000-0xe11fffff irq 11 at device 8.0 on pci0 miibus0: <MII bus> on fxp0 inphy0: <i82555 10/100 media interface> on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto fxp0: Ethernet address: 00:08:c7:59:26:cd ===== CPU: AMD Athlon(tm) Processor (751.33-MHz 686-class CPU) Origin = "AuthenticAMD" Id = 0x642 Stepping = 2 Features=0x183f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,C MOV,PAT,PSE36,MMX,FXSR> AMD Features=0xc0440800<SYSCALL,<b18>,MMX+,3DNow+,3DNow> Yet another reason I state that pfS is NOT ready for BETA .... at it's current state. Regards, DLS --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
