PFLOGGERD on EL Capitan not being used

Murus
Post Reply
nebra
Posts: 1
Joined: Fri May 19, 2017 4:13 am

PFLOGGERD on EL Capitan not being used

Post by nebra » Fri May 19, 2017 4:29 am

HI,

I am running the latest Murus Firewall 1.4.10 and have installed it on my iMac which is using EL Capitan 10.11.6. When I do a "ps -ef | grep pf", I notice that it is using tcpdump, "/usr/sbin/tcpdump -lnettti pflog0". I was expecting it to use the new PFLOGGERD.

I also have a Macbook Air running the latest version of Murus and using macOS Sierra 10.12.5. Now the Macbook Air is using the PFLOGGERD.
When I do a "ps -ef | grep pf" on the Macbook Air it reports "/usr/local/bin/pfloggerd" and I also can see it in the Activity Monitor.

Hence my confusion as I understood that the new daemon would be used when installing Murus 1.4.10 no matter the Mac version. Is this correct?

Thanks

hany
Posts: 482
Joined: Wed Dec 10, 2014 5:20 pm

Re: PFLOGGERD on EL Capitan not being used

Post by hany » Tue May 23, 2017 12:45 pm

Hence my confusion as I understood that the new daemon would be used when installing Murus 1.4.10 no matter the Mac version. Is this correct?
Hello nebra,
no it is not correct. Sorry about that, maybe we should clarify this in our documentation.
Murus 1.4.10 installs different Boot Scripts according to the operating system version.
PFLOGGERD is used only on macOS 10.12 while on OS X 10.10 and 10.11 TCPDUMP is used.

Post Reply