From owner-freebsd-questions@freebsd.org Tue Nov 20 18:51:11 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D4E37113992D for ; Tue, 20 Nov 2018 18:51:10 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-it1-x129.google.com (mail-it1-x129.google.com [IPv6:2607:f8b0:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2C50C7BA09 for ; Tue, 20 Nov 2018 18:51:10 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-it1-x129.google.com with SMTP id a205-v6so4950576itd.4 for ; Tue, 20 Nov 2018 10:51:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:subject :content-transfer-encoding; bh=Xbff5hMhJ99iWvHpjjU8aUmasPwTqyhkSRS+6u8J9Uk=; b=uZcfCF2qHluDwKuzGGRQIcJq8HGysODfi33UR+CxvZzTke0QzRKV7DwDpxpoLMf+54 QeWuF5Xc/Yt3FmUJMhO37qenyBDm28rsSAX3R1ONw0pgqsg31tXRmc9llIqEYpAFh8DH sDFcnrZ7H1Cdr7TGcw0OivSpKKv+alayQIs5CJ46IXuzGGJorNoV5ks1ddg0DThbr36X T4aFYJYTQFsyO7334WBr5LeelCnCJqLzgCxWyQ7lgBkYb2LJMszvrQ247JKhBNAZB85V IOq4IZ3uXLUojQdrtweoA8b+JFuG3gzyVgNTJENSdVkZ2h7j9vZxE2y1MtgOcdLijjR2 lBQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:content-transfer-encoding; bh=Xbff5hMhJ99iWvHpjjU8aUmasPwTqyhkSRS+6u8J9Uk=; b=LcmpcpvKj0v8miP6t1IhKX5XM7ySf0icEZWSbsYLqtY4xZERJmx2yfq2rn8HpnwWXz URCHO9oODx3WC1DINz2/ySpv7nMX5c96FRvmsFMtnt3tKiq51Wim126lOFglGea+MDW0 fuZU3YLYTiEJOs+Z7KYQZKtBYAP5mBcnENRrMtK/4T5YIuiCnui4PcfVqLZYO/knNXXD k8O3+PTdOJh9biGtF6fHU9oFxcuMe1qUDheMrdu7+HcHeCM0A1v0WNl/hn8PWsIcNRk1 oPyVk4xWMqpa6CRDzwgSgxBJRRFYCkdCdmaZh/usam9t+xbhxY2Jcmt0ce2qqoUrqgf8 KfEA== X-Gm-Message-State: AGRZ1gI70aSJlaNQWEnTlq4ZH2pqIDXUTmNRd9Vnk9XAv0YRXHVVhG90 DwyxXrmprK3oQHzS9120fgtx40mQ X-Google-Smtp-Source: AJdET5dnrZQDyXI9Eg1/HG+vWOut3ouj0fEYVrLKeQy8Nk/O0gy25oykmFm1pOy3U38MHjg9mFd94w== X-Received: by 2002:a24:c846:: with SMTP id w67-v6mr3053178itf.32.1542739869282; Tue, 20 Nov 2018 10:51:09 -0800 (PST) Received: from [10.0.10.7] (cpe-65-25-48-31.neo.res.rr.com. [65.25.48.31]) by smtp.googlemail.com with ESMTPSA id b8-v6sm4748919itd.35.2018.11.20.10.51.07 for (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 20 Nov 2018 10:51:08 -0800 (PST) Message-ID: <5BF45792.8020809@gmail.com> Date: Tue, 20 Nov 2018 13:50:58 -0500 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: "freebsd-questions@freebsd.org" Subject: Help with ipfw ipfwlog0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 2C50C7BA09 X-Spamd-Result: default: False [-6.21 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[3]; IP_SCORE(-2.23)[ip: (-7.05), ipnet: 2607:f8b0::/32(-2.38), asn: 15169(-1.61), country: US(-0.09)]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[9.2.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; TO_DN_EQ_ADDR_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.97)[-0.972,0]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 18:51:11 -0000 In (man ipfw) there is a short blip about the pseudo interface ipfwlog0. Really not enough info to go on. Here is my problem, when running ipfw firewall on the host and inside of a vnet jail the log messages from the jail get intermingled into the hosts ipfw log /var/log/security. To test if I can get around this design flaw I am thinking that if I set up a pseudo interface ipfwlog0 in the vnet jail then the ipfw rule log option would log to this log in the vnet jail. Can this be done? Will the logged packets be written to both logs? Add firewall_lofif="YES" to rc.conf in the vnet jail to create the logging-pseudo interface. Is this going to become a file in /var/log/ipfwlog0 within the vnet jail without any manual help? Thanks for any help on this subject.