On Mon, Sep 20, 2004 at 10:27:22PM -0500, Eric F Crist wrote:
> IPFW used to log all entries with the 'log' included in the rule, but
> randomly, to me, anyways, stopped doing so. I can't seem to get it to
> continue logging.
>
> Does anyone have any insight? I'm running FreeBSD 4.10 from about 2
> months ago. I'm going to cvsup tonight to see if it helps. What log
> files can I check to verify things are working? Thanks.

Are you just running into the verbose limit on log messages? That's the
setting of the net.inet.ip.fw.verbose_limit sysctl. That exists to
prevent anyone DOS-ing you by sending so many nasty packets that the log
files fill up your disk.

I find setting this to a fairly high number (1024) and doing a daily
reset of the counters keeps the logging data coming through more or less
smoothly. I put this in /etc/daily.local:

    #!/bin/sh

    PATH=/usr/bin:/bin:/sbin ; export PATH

    ipfw resetlog

    #
    # That's All Folks!
    #

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
26 The Paddocks
Savill Way
Marlow
Bucks., SL7 1TH UK
PGP: http://www.infracaninophile.co.uk/pgpkey
Tel: +44 1628 476614
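A way to confirm from the logs that the verbose limit is what silenced a rule, added here as an example and not part of the original post. It assumes the kernel writes "ipfw: limit N reached on entry R" when a rule's log counter hits the limit, and that ipfw messages land in /var/log/security (the stock syslog.conf destination); the function names and sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: list the ipfw rules that have hit the logging limit.
# Assumption: the kernel logs "ipfw: limit N reached on entry R" once a
# rule's log counter reaches verbose_limit; the rule is then silent until
# its counter is reset (e.g. by the daily "ipfw resetlog" job).

# Reads syslog lines on stdin; prints "rule limit hits", one rule per
# line, sorted by rule number. Prints nothing if no rule hit the limit.
ipfw_limit_hits() {
    awk '
        /ipfw: limit [0-9]+ reached on entry [0-9]+/ {
            for (i = 1; i < NF; i++) {
                if ($i == "limit") lim = $(i + 1)
                if ($i == "entry") rule = $(i + 1) + 0
            }
            hits[rule]++          # how many times this rule was capped
            limit[rule] = lim     # limit in force at the last occurrence
        }
        END {
            for (r in hits) printf "%d %d %d\n", r, limit[r], hits[r]
        }
    ' | sort -n
}

# Constructed sample log lines (not from a real host).
sample_log() {
    cat <<'EOF'
Sep 20 21:58:01 gw /kernel: ipfw: 500 Deny TCP 192.0.2.10:4021 198.51.100.5:135 in via fxp0
Sep 20 21:58:02 gw /kernel: ipfw: limit 100 reached on entry 500
Sep 20 22:10:44 gw /kernel: ipfw: 600 Deny UDP 192.0.2.77:1026 198.51.100.5:137 in via fxp0
Sep 21 03:01:00 gw /kernel: ipfw: limit 100 reached on entry 500
Sep 21 04:15:09 gw /kernel: ipfw: limit 100 reached on entry 65000
EOF
}

# On a live system: ipfw_limit_hits < /var/log/security
sample_log | ipfw_limit_hits
```

A rule that shows up here every day even after the nightly reset is a candidate for a higher limit or a narrower 'log' rule.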