On Mon, Sep 20, 2004 at 10:27:22PM -0500, Eric F Crist wrote:

> IPFW used to log all entries with the 'log' included in the rule, but 
> randomly, to me, anyways, stopped doing so.  I can't seem to get it to 
> continue logging.
> 
> Does anyone have any insight?  I'm running FreeBSD 4.10 from about 2 
> months ago.  I'm going to cvsup tonight to see if it helps.  What log 
> files can I check to verify things are working?  Thanks.

Are you just running into the verbose limit on log messages? That's
the setting of the net.inet.ip.fw.verbose_limit sysctl.  That exists
to prevent anyone DOS-ing you by sending so many nasty packets that
the log files fill up your disk.

I find setting this to a fairly high number (1024) and doing a daily
reset of the counters keeps the logging data coming through more or
less smoothly. I put this in /etc/daily.local:

    #!/bin/sh
    
    PATH=/usr/bin:/bin:/sbin ; export PATH
    
    ipfw resetlog
    
    #
    # That's All Folks!
    #

        Cheers,

        Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
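
Added example, not part of the message above: a sh/awk filter that reads the firewall log and lists the rules currently silenced by net.inet.ip.fw.verbose_limit, meaning rules whose last "limit reached" notice has not been followed by an `ipfw resetlog`. The kernel message wording it matches is an assumption about a stock FreeBSD kernel, and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example: list ipfw rules that have gone quiet because they hit
# net.inet.ip.fw.verbose_limit and have not been reset since.
# Assumed kernel notices (verify against your own log):
#   ipfw: limit N reached on entry R
#   ipfw: Entry R logging count reset.
#   ipfw: All logging counts reset.

# muted_rules: syslog lines on stdin -> "rule limit" per silenced rule
muted_rules() {
    awk '
        /ipfw: limit [0-9]+ reached on entry [0-9]+/ {
            for (i = 1; i < NF; i++) {
                if ($i == "limit") lim = $(i + 1) + 0
                if ($i == "entry") rule = $(i + 1) + 0
            }
            muted[rule] = lim      # rule stops logging from here on
            next
        }
        /ipfw: All logging counts reset/ { split("", muted); next }
        /ipfw: Entry [0-9]+ logging count reset/ {
            for (i = 1; i < NF; i++)
                if ($i == "Entry") delete muted[$(i + 1) + 0]
            next
        }
        END { for (r in muted) print r, muted[r] }
    ' | sort -n
}

# sample_log: constructed log lines, used when no file is given
sample_log() {
    cat <<'EOF'
Sep 20 01:10:02 gw /kernel: ipfw: 1000 Deny TCP 192.0.2.7:4312 198.51.100.1:135 in via fxp0
Sep 20 01:10:09 gw /kernel: ipfw: limit 100 reached on entry 1000
Sep 20 02:44:51 gw /kernel: ipfw: limit 100 reached on entry 2000
Sep 20 03:01:00 gw /kernel: ipfw: Entry 1000 logging count reset.
Sep 20 03:05:12 gw /kernel: ipfw: limit 100 reached on entry 1000
Sep 20 04:00:00 gw /kernel: ipfw: All logging counts reset.
Sep 20 09:30:40 gw /kernel: ipfw: limit 100 reached on entry 3000
EOF
}

# Scan the file named on the command line, or the sample if none is given.
if [ -n "${1:-}" ]; then muted_rules < "$1"; else sample_log | muted_rules; fi
```

Run it against whichever file your syslog.conf sends security.* messages to (assumed here to be /var/log/security); any rule it prints will stay silent until the next `ipfw resetlog`.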
