At 09:46 PM 9.9.2003 +0800, [EMAIL PROTECTED] wrote:
>
>just edit the rules concerned in rc.firewall to add the word "log" to rules
>you want logged.
>
>e.g. -- ${fwcmd} add pass log tcp from any to ${oip} 80 setup
>
>and tail the /var/log/security instead of messages.
>
...and, for its own ipfw l
just edit the rules concerned in rc.firewall to add the word "log" to rules
you want logged.
e.g. -- ${fwcmd} add pass log tcp from any to ${oip} 80 setup
and tail the /var/log/security instead of messages.
> Hi all,
>
> We're moving from ipfilter to ipfw. Since we no longer run multiple
> plat
On Tue, Sep 09, 2003 at 01:22:18PM +0100, Wayne Pascoe wrote:
> I tried changing the rc.firewall script so that the last line in the
> CLIENT section read
> ${fwcmd} add 65535 deny ip from any to any log
> but ipfw list still just showd
> 65535 deny ip from any to any log
>
> where should that rul
On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote:
> I'm trying to setup logging with IPFW. I've not compiled IPFW into my
> kernel, but am instead using the ipfw.ko module.
>
> I have the following sysctl variables set:
> net.inet.ip.fw.verbose=1
> net.inet.tcp.log_in_vain=1
> net.in
On Tue, Sep 09, 2003 at 09:42:14PM +1000, John Birrell wrote:
> On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote:
> > However, I am still not seeing anything in /var/log/messages when I
> > portscan the machine. The firewall appears to be working, as we receive
> > nothing back on the p
On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote:
> However, I am still not seeing anything in /var/log/messages when I
> portscan the machine. The firewall appears to be working, as we receive
> nothing back on the portscanning machine, but I would like logging
> enabled.
Have you ad
What does 'ipfw list' show?
- Original Message -
From: "Wayne Pascoe" <[EMAIL PROTECTED]>
Subject: Logging and IPFW
> Hi all,
>
> We're moving from ipfilter to ipfw. Since we no longer run multiple
> platforms, the benefits that we used to d
Hi all,
We're moving from ipfilter to ipfw. Since we no longer run multiple
platforms, the benefits that we used to derive from ipfilter are
declining. Add to this the problems we've had when running it as a
module on 5.x (as opposed to compiled into the kernel), and we've
decided to move to ipfw.