Hello, World!
I would like to have the pf logs of my gateway available on another

machine to not have to work on them on the gateway itself. At that

point, I'm juste trying to find a reasonable solution. Here are my

thoughts:
* The solution proposed in the FAQ [1] has a few annoying problems (at

  least for me :). One of them is that logs in text format takes a lot

  more room that the ones in tcpdump files
* I'had also a look at the (old) articles of Jacek Artymiak on the

  subject [2]. I've tested it and it seems quite clever. However, I

  had two problems with that solution: the network between the gateway

  and the host where I want to have my logs is not perfetly reliable,

  as the host where I want to keep my logs (an OpenBSD virtual machine

  on a win platform). The chance to lose logs is too high. It would be

  different if I had a dedicated machine for that purpose, directly

  connected to a dedicated interface of the gateway.
* Then, I read an old post of the ML archives [3] about using cron and

  scp for that purpose. I thought a bit about that and came with such

  a solution: modify newsyslog.conf to execute a script that scp the

  logs on the remote host and gracefully fallback in case of (link)

  failure.
Any comment? Did I miss a simpler / more clever way to do that?
Thanks for your reply,

-AJ
[1] http://www.openbsd.org/faq/pf/logging.html#syslog

[2] http://www.onlamp.com/pub/a/bsd/2002/06/20/openbsd.html

[3] http://www.monkey.org/openbsd/archive/misc/0204/msg00737.html