From 18b04af3af812d2a0deba6da7478775abd5b0c79 Mon Sep 17 00:00:00 2001 From: Camiel Dobbelaar Date: Tue, 7 Jun 2005 04:37:33 +0000 Subject: Introduce verbose option to control the logging of the pf rules. ok beck mpf --- usr.sbin/ftp-proxy/ftp-proxy.8 | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'usr.sbin/ftp-proxy/ftp-proxy.8') diff --git a/usr.sbin/ftp-proxy/ftp-proxy.8 b/usr.sbin/ftp-proxy/ftp-proxy.8 index ce84dbdcccf..5c6349cf5a6 100644 --- a/usr.sbin/ftp-proxy/ftp-proxy.8 +++ b/usr.sbin/ftp-proxy/ftp-proxy.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ftp-proxy.8,v 1.2 2005/05/31 21:47:20 jmc Exp $ +.\" $OpenBSD: ftp-proxy.8,v 1.3 2005/06/07 04:37:32 camield Exp $ .\" .\" Copyright (c) 2004, 2005 Camiel Dobbelaar, .\" @@ -22,7 +22,7 @@ .Nd Internet File Transfer Protocol proxy daemon .Sh SYNOPSIS .Nm ftp-proxy -.Op Fl 6Adr +.Op Fl 6Adrv .Op Fl a Ar address .Op Fl b Ar address .Op Fl D Ar level @@ -63,16 +63,16 @@ adds the following rules to the various anchors. In case of active mode (PORT or EPRT): .Bd -literal -offset 2n rdr from $server to $proxy port $port -> $client -pass log quick inet proto tcp \e +pass quick inet proto tcp \e from $server to $client port $port flags S/SAFR keep state .Ed .Pp In case of passive mode (PASV or EPSV): .Bd -literal -offset 2n nat from $client to $server port $port -> $proxy -pass in log quick inet proto tcp \e +pass in quick inet proto tcp \e from $client to $server port $port flags S/SAFR keep state -pass out log quick inet proto tcp \e +pass out quick inet proto tcp \e from $proxy to $server port $port flags S/SAFR keep state .Ed .Pp @@ -133,6 +133,11 @@ proxy will disconnect. The default is 24 hours. Do not set this too low, because the control connection is usually idle when large data transfers are taking place. +.It Fl v +Set the 'log' flag on pf rules committed by +.Nm . +Use twice to set the 'log-all' flag. +The pf rules do not log by default. .El .Sh CONFIGURATION To make use of the proxy, -- cgit v1.2.3