Date: Sat, 14 Dec 2002 15:23:32 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Jens Rehsack <rehsack@liwing.de> Cc: Erwan Breton <breton@cri.ensmp.fr>, freebsd-questions@FreeBSD.ORG Subject: Re: Kernel log messages Message-ID: <20021214132332.GA35991@gothmog.gr> In-Reply-To: <3DFB23FA.60803@liwing.de> References: <200212141214.42931.breton@cri.ensmp.fr> <3DFB23FA.60803@liwing.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2002-12-14 13:28, Jens Rehsack <rehsack@liwing.de> wrote: > Erwan Breton wrote: > >Hi, > > > >Since i have activate the firewall on my Box, I have many kernel > >log messages in my security check output every night. the problem > >is, i don't see anymore interessant messages like bad login. > > > >athena kernel log messages: > > > >>ipfw: 600 Deny TCP 80.14.195.215:3795 10.255.255.250:4661 out via tun0 > >>ipfw: 800 Deny TCP 80.14.195.215:3801 192.168.10.210:4661 out via tun0 > >>ipfw: 800 Deny TCP 80.14.195.215:3810 192.168.1.77:4661 out via tun0 > >>ipfw: 1600 Deny ICMP:3.3 192.168.1.2 80.14.195.215 in via tun0 > >>ipfw: 4000 Deny TCP 80.105.241.117:62104 80.14.195.215:139 in via tun0 > >>ipfw: 700 Deny TCP 80.14.195.215:4198 172.16.1.50:4661 out via tun0 > >>Etc .. etc .. etc ... > > It seems you use rules which locks the blocked packets. If you sent > your firewall config, I can say you which rules do that. > > Moved to questions@freebsd.org, cause it's not a security related > question but a config related one. Actually the rule numbers are listed above too. Rules 600, 700, 800, 1600 and 4000 are the ones that log denied packets. Deleting the 'log' keyword from those rules will make sure that logs are kept a bit more clean. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021214132332.GA35991>