Tim Kientzle wrote:
Micheal Patterson wrote:
----- Original Message -----
>> From: "Tim Kientzle" <[EMAIL PROTECTED]>
Subject: Logging packets dropped by IPFW

Is there any way to generate log information
about the packets dropped by IPFW?  The 'log'
modifier doesn't seem to do anything ...


options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity

Thanks, Micheal. The manpage didn't mention that logging was a compile-time option; I'm recompiling now...

Took another very careful look at the manpage, and discovered that recompiling wasn't necessary after all:

# sysctl net.inet.ip.fw.verbose=1

suffices to turn it on.  The IPFIREWALL_VERBOSE
compile option just changes the default for this sysctl.
Make this permanent by adding the line:

net.inet.ip.fw.verbose=1

to /etc/sysctl.conf.

Tim

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to