Date: Thu, 19 Apr 2001 14:52:57 -0500 From: Mike Meyer <mwm@mired.org> To: green <green@prokk.net> Cc: questions@freebsd.org Subject: Re: attemp to connect Message-ID: <15071.16921.416976.649344@guru.mired.org> In-Reply-To: <100714139@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
green <green@prokk.net> types: > hi > > i would like, what my freebsd machine would log any connection > attempts on any port.. > > can i do this with standart freebsd programs, or i need something > other for this feature ? It's a standard part of FreeBSD. You need to do three things to set it up: 1) load the ipfw module: kldload ipfw 2) Use sysctl to set the ipfw verbosity: sysctl -w net.inet.ip.fw.verbose=1 net.inet.ip.fw.verbose_limit=0 3) Turn on logging with ipfw: ipfw add allow log ip from any to any That allows the connection attempts and logs them. If you don't want them to work, replcae "allow" with "deny". Read the ipfw manual page for detailed information on the sysctl's and ipfw. Be warned that this exactly what you asked for, so connection attempts to localhost will be logged, and possibly denied. You may not want that. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15071.16921.416976.649344>