Hello, In your /etc/opt/ipf/ipf.conf do you have something akin to the following?
block in log level auth.notice quick from any to any with ipopts block in log level auth.notice quick proto tcp from any to any with short then edit your syslog.conf to have something like auth.info;auth.warn;auth.crit;auth.notice /var/log/authlog Rembemer the that syslog needs tabs or else it will hose up. Hope this helps, Erik Mallory __________________ Dear All, I can't get syslog/ipf to log. [EMAIL PROTECTED] tom]# ipf -V ipf: IP Filter: v3.4.35 (336) Kernel: IP Filter: v3.4.35 Running: yes Log Flags: 0 = none set Default: block all, Logging: available Active list: 0 [EMAIL PROTECTED] tom]# cat /etc/rc.conf |grep ipf ipfilter_enable="YES" ipfilter_flags="" ipfilter_rules="/etc/ipf.rules" [EMAIL PROTECTED] tom]# cat /etc/rc.conf |grep ipmon ipmon_enable="YES" ipmon_flags="-Dsvb" [EMAIL PROTECTED] tom]# cat /etc/syslog.conf |grep local local0.* /var/log/fw/log [EMAIL PROTECTED] tom]# cat /etc/newsyslog.conf |grep fw /var/log/fw/log 600 100 100 * Z [EMAIL PROTECTED] tom]# ls /var/log/fw total 4 drwx------ 2 root wheel 512 Jan 22 13:38 drwxr-xr-x 7 root wheel 1024 Feb 18 22:42 -rw------- 1 root wheel 0 Jan 22 13:38 log What Am I missing? Thanks in advance Tom
