npflog latency

[triaxx%NetBSD.org@localhost]

Hi,

I have the following rules:

kyroz# npfctl show
| # filtering:    active
| # config:       loaded
|
| procedure "log"
|
| group default { # id="1"
|         pass stateful out final all # id="2"
|         pass stateful in final family inet4 proto tcp flags S/FSRA to 
51.159.70.149 port 22 # id="3"
|         pass final on lo0 all # id="4"
|         block all apply "log" # id="5"
| }

I test a connection that should be blocked:

| uzqew% nc kyroz.triaxx.org 80

And I expect to see logs of the blocked connections:

| kyroz# tcpdump -i npflog0 port 80

But I have to wait for approximately ~70 seconds to see the following 
logs appearing.

Is there any reason for this latency?

Fred