* Philipp <e1c1bac6253dc54a1e89ddc046585...@posteo.net> [2014-02-17 13:36]: > Am 17.02.2014 13:11 schrieb Henning Brauer: > >how do you emit such a maessage in pcap? as payload with a dummy > >packet header? (NOOOOOOOOOOOO!!!!!!!!!!) > pf is taking action without telling anyone - and that's not nice.
doesn't change a thing wrt pflog. pflog doesn't carry strings. > There *are* other log() entries in pf.c already so I wonder how the initial > comment about 'slow via serial console' would qualify. logging to the console is generally bad and only for really critical stuff. and look at those log()s again, most aren't going to produce anything with default settings. right now, the "memory" counter gets increased when hitting the limit, that isn't optimal imho. > some "blocked because of resource exhaustion" reason for pflog_packet? logging packets blocked thru sth else than a block rule is generally worthwile, but then has to be done everywhere and not just that one place. you know he answer... "where's your diff" -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
