Message-ID: <55324E55.1000805@free.de>
Date: Sat, 18 Apr 2015 14:30:13 +0200
From: Kai Gallasch
Organization: FREE!
To: freebsd-jail@freebsd.org
Subject: IPFW2 logging inside VIMAGE Jails?
List-Id: "Discussion about FreeBSD jail(8)"

Hi.

Is it possible at all to log actions of the IPFW2 firewall inside a running VIMAGE jail to the jail's syslog?

I'm asking because I see no firewall log entries inside the jail's /var/log/security log.

What I find is that log messages of jails with active IPFW rules are only logged on the jailhost (/var/log/security) - out of reach of any local jail admins.

My kernel is built without firewall support. The ipfw.ko is loaded dynamically when the server starts. No PF firewall is in use.

- FreeBSD 10.1-RELEASE-p9
- /dev/bpf available inside jails
- firewall logging enabled on the jailhost and also inside the jail

I found https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=178482 (2 years old, FreeBSD 9.1 related)

Cheers,
Kai.

-- 
PGP-KeyID = 0x70654D7C4FB1F588