https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260609
Bug ID: 260609
Summary: rc.firewall options nologports but no logports ?
Product: Base System
Version: 13.0-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: conf
Assignee: [email protected]
Reporter: [email protected]
Hello,
When configuring the firewall with type workstation, we can log nothing, all but
max 500 logs, or all except some tcp/udp ports. It's not possible to log some
specific ports except by using a firewall script, but that's a great loss in terms of
configuration readability.
Is there a way to implement an rc variable firewall_logports or
firewall_forcelogports and, for example, create rules accordingly:
if [ -n "${firewall_logports}" ] ; then
	sysctl net.inet.ip.fw.verbose=1 >/dev/null
	log="log logamount 500"	# The default of 100 is too low.
	for i in ${firewall_logports} ; do
		${fwcmd} add deny $log ip from any to me $i in
	done
fi
?
Best regards
Nicolas
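
A dry-run sketch of the knob proposed in the report, added here as an example (it is not part of the original report and not code from rc.firewall): it prints the ipfw commands the loop would run instead of executing them, and drops tokens that are not a port or a port range. firewall_logports is the reporter's proposed variable; the function names valid_port_spec and logport_rules, the numeric-only validation and the sample value are assumptions.

```shell
#!/bin/sh
# Added example: dry-run generator for the proposed firewall_logports knob.

# Return 0 if $1 is a port (1-65535) or a low-high port range.
# Assumption: numeric ports only; service names are rejected.
valid_port_spec() {
	case "$1" in
		''|*[!0-9-]*|-*|*-|*-*-*) return 1 ;;
	esac
	lo=${1%-*}
	hi=${1#*-}
	# Cap the digit count so the numeric tests below cannot overflow.
	[ ${#lo} -le 5 ] && [ ${#hi} -le 5 ] || return 1
	[ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ]
}

# Print one deny+log rule per valid token in $1, in the rule shape used in
# the report. Runs in a subshell so "set -f" (no globbing) does not leak.
logport_rules() (
	set -f
	fwcmd=${fwcmd:-/sbin/ipfw}
	log="log logamount 500"
	for i in $1; do
		if valid_port_spec "$i"; then
			echo "${fwcmd} add deny ${log} ip from any to me ${i} in"
		else
			echo "firewall_logports: ignoring invalid port spec '${i}'" >&2
		fi
	done
)

# Constructed sample value, as it might be set in rc.conf.
firewall_logports="22 3389 6000-6063 70000 8o80"
logport_rules "${firewall_logports}"
```

Rule order matters in ipfw, so in a real rc.firewall these rules would have to be added before any rule that already denies or accepts the same traffic.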