Tim Kientzle wrote:
Is there any way to generate log information
about the packets dropped by IPFW?  The 'log'
modifier doesn't seem to do anything on my
system right now <sigh>, though from what I can tell,
it's supposed to only log the rule that was
triggered, which isn't the same thing at all.


Did you recompile your kernel with these options:


options IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
options IPFIREWALL_FORWARD      #enable transparent proxy support
options IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity

...? Also consider:

sysctl net.inet.tcp.log_in_vain=1
sysctl net.inet.udp.log_in_vain=1

--
-Chuck


_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to