.
I'm trying to setup logging with IPFW. I've not compiled IPFW into my
kernel, but am instead using the ipfw.ko module.
I have the following sysctl variables set:
net.inet.ip.fw.verbose=1
net.inet.tcp.log_in_vain=1
net.inet.udp.log_in_vain=1
However, I am still not seeing anything in /var/log
What does 'ipfw list' show?
- Original Message -
From: Wayne Pascoe [EMAIL PROTECTED]
Subject: Logging and IPFW
Hi all,
We're moving from ipfilter to ipfw. Since we no longer run multiple
platforms, the benefits that we used to derive from ipfilter are
declining. Add
On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote:
However, I am still not seeing anything in /var/log/messages when I
portscan the machine. The firewall appears to be working, as we receive
nothing back on the portscanning machine, but I would like logging
enabled.
Have you added
On Tue, Sep 09, 2003 at 09:42:14PM +1000, John Birrell wrote:
On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote:
However, I am still not seeing anything in /var/log/messages when I
portscan the machine. The firewall appears to be working, as we receive
nothing back on the
On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote:
I'm trying to setup logging with IPFW. I've not compiled IPFW into my
kernel, but am instead using the ipfw.ko module.
I have the following sysctl variables set:
net.inet.ip.fw.verbose=1
net.inet.tcp.log_in_vain=1
On Tue, Sep 09, 2003 at 01:22:18PM +0100, Wayne Pascoe wrote:
I tried changing the rc.firewall script so that the last line in the
CLIENT section read
${fwcmd} add 65535 deny ip from any to any log
but ipfw list still just showd
65535 deny ip from any to any log
where should that rule with
At 09:46 PM 9.9.2003 +0800, [EMAIL PROTECTED] wrote:
just edit the rules concerned in rc.firewall to add the word log to rules
you want logged.
e.g. -- ${fwcmd} add pass log tcp from any to ${oip} 80 setup
and tail the /var/log/security instead of messages.
...and, for its own ipfw log, put