From owner-freebsd-security@FreeBSD.ORG Mon Nov 15 06:56:43 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2649616A4CE for ; Mon, 15 Nov 2004 06:56:43 +0000 (GMT) Received: from smtpclu-2.eunet.yu (smtpclu-2.eunet.yu [194.247.192.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id C480943D39 for ; Mon, 15 Nov 2004 06:56:41 +0000 (GMT) (envelope-from kolicz@EUnet.yu) Received: from faust.net (P-2.122.EUnet.yu [213.240.2.122]) by smtpclu-2.eunet.yu (8.12.11/8.12.11) with ESMTP id iAF6ubr7002924 for ; Mon, 15 Nov 2004 07:56:38 +0100 Received: by faust.net (Postfix, from userid 1001) id 8EE5760E3; Mon, 15 Nov 2004 07:55:24 +0100 (CET) Date: Mon, 15 Nov 2004 07:55:24 +0100 From: Zoran Kolic To: freebsd-security@freebsd.org Message-ID: <20041115065524.GA972@faust.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Virus-Scan: EUnet-AVAS-Milter X-AVAS-Virus-Status: clean X-Spam-Checker: EUnet-AVAS-Milter X-AVAS-Spam-Score: -1.2 X-AVAS-Spam-Symbols: AWL BAYES_44 Subject: ipfw logging X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Nov 2004 06:56:43 -0000 Hi all! After installing 5.3 I've noticed some change in firewall logging. Prior (on 5.2) rules gave me what I needed: trimed to 3 of the same connection. Every new connection on the same rule gave new log line up to 3. I have in kernel: FIREWALL FIREWALL_VERBOSE FIREWALL_VERBOSE_LIMIT=3 Now, all connections on the same rule are trimed to 3. Is it possib- le on 5.3 to have all connections logged, but no more than 3 of the same? Just a little annoyance... I'd rather see what was blocked. New is even line: "ipfw: limit 3 reached on entry 1500" Can I do something to have old way of logging back? Best regards ZK