PF pflog1 not created at boot

[facedebouc]

Hi,

I am using FreeBSD 12.2-RELEASE and tried to get pflog1 functional at boot.
I added cloned_interfaces="pflog1" in my /etc/rc.conf but no more pflog1 after boot.
When running tcpdump I get:

# tcpdump -nei pflog1
tcpdump: pflog1: No such device exists
(BIOCSETIF failed: Device not configured)

I have to do :

# service netif restart
# service routing restart

and after that pflog1 is created and functional:

# tcpdump -nei pflog1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pflog1, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes

 

[SirDice]

Is pflog(4) enabled in rc.conf?

pflog_enable="YES"

 

[facedebouc]

Is pflog(4) enabled in rc.conf?

pflog_enable="YES"

Yes and I can listen to pflog0 with tcpdump

 

[facedebouc]

Found information in script /etc/rc.d/pflog and here is what to add to /etc/rc.conf :

pf_enable="YES"
pflog_enable="YES"
pflog_instances="0 1"
pflog_0_dev="pflog0"
pflog_0_logfile="/var/log/pflog"
pflog_1_dev="pflog1"
pflog_1_logfile="/var/log/pflog1"

cloned_interfaces="pflog1" not needed.

Modified /etc/newsyslog.conf.d/pf.conf to rotate /var/log/pflog1