From owner-freebsd-questions Tue Oct 16 1:50:36 2001
From: Bjarne Wichmann Petersen
To: freebsd-questions@freebsd.org
Subject: Firewall not logging
Date: Tue, 16 Oct 2001 10:53:14 +0200
Message-Id: <20011016085031.ZUFR22989.fepB.post.tele.dk@there>

My firewall is not logging, /var/log/security is utterly empty and has been for over a month. And I don't get it. AFAIK everything is set up ok, so anyone got a clue to what I'm missing?

From my kernelconfig:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPDIVERT

From /etc/rc.conf:

firewall_enable="YES"
firewall_logging="YES"
firewall_script="/etc/firewall/newrules"

My firewall:

# Define the firewall command (as in /etc/rc.firewall) for easy
# reference. Helps to make it easier to read.
fwcmd="/sbin/ipfw"

# Flush
$fwcmd -f flush

# Allow all data from my network card and localhost. Make sure you
# change your network card (mine was fxp0) before you reboot. :)
$fwcmd add allow ip from any to any via lo0
$fwcmd add allow ip from any to any via xl0

#Allow all connections from localhost and keep them
$fwcmd add allow tcp from any to any out xmit xl0 setup
$fwcmd add allow tcp from any to any via xl0 established

#Open for apache
$fwcmd add allow tcp from any to any 80 setup

#Reset all ident packets.
$fwcmd add reset log tcp from any to any 113 in recv xl0

# Get to the DNS
$fwcmd add allow udp from any to 193.162.159.194 out xmit xl0
$fwcmd add allow udp from any to 193.162.145.130 out xmit xl0
$fwcmd add allow udp from 193.162.159.194 to any in recv xl0
$fwcmd add allow udp from 193.162.145.130 to any in recv xl0

# Ping and traceroutes
$fwcmd add allow icmp from any to any

# Close for <1024
$fwcmd add deny log tcp from any to any 1-1024 in recv xl0 setup

# Close for X
$fwcmd add deny log tcp from any to any 6000-6063 in recv xl0

# Allow all udp out
$fwcmd add allow udp from any to any out xmit xl0

# Allow ICQ in
$fwcmd add allow udp from any 4000 to any in recv xl0

# Strangle the rest
$fwcmd add deny log udp from any to any in recv xl0

# Deny the rest
$fwcmd add 65435 deny log ip from any to any
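
ipfw checks rules in order and stops at the first allow/deny/reset rule that matches, so a `log` rule only writes to /var/log/security if no earlier rule has already claimed the packet. The following is an added example, not part of the original message: a small Python check, over a subset of the posted rules, that reports `log` rules which an earlier blanket rule always matches first. The parser and its function names are hypothetical and cover only the rule syntax used in this post.

```python
# Constructed subset of the rules in the post above, order preserved
# (the "$fwcmd add" prefix is dropped).
RULES = [
    "allow ip from any to any via lo0",
    "allow ip from any to any via xl0",
    "allow tcp from any to any 80 setup",
    "reset log tcp from any to any 113 in recv xl0",
    "deny log tcp from any to any 1-1024 in recv xl0 setup",
    "deny log tcp from any to any 6000-6063 in recv xl0",
    "deny log udp from any to any in recv xl0",
    "65435 deny log ip from any to any",
]
TERMINAL = {"allow", "accept", "pass", "permit", "deny", "drop", "reject", "reset"}

def parse(line):
    """Reduce one rule to the fields the shadowing check needs."""
    t = line.split()
    if t[0].isdigit():                      # optional explicit rule number
        t = t[1:]
    log = t[1] == "log"
    proto = t[2] if log else t[1]
    src = t[t.index("from") + 1:t.index("to")]
    rest = t[t.index("to") + 1:]            # destination plus options
    iface = next((rest[i + 1] for i, w in enumerate(rest)
                  if w in ("via", "recv", "xmit")), None)
    # Blanket rule: any -> any with no ports, direction or TCP flags;
    # the only restriction allowed is "via IF" (matches both directions).
    stripped = [w for w in rest if w not in ("via", iface)]
    return {"text": line, "action": t[0], "log": log, "proto": proto,
            "iface": iface, "blanket": src == ["any"] and stripped == ["any"]}

def shadowed_log_rules(lines):
    """Return (log_rule, earlier_rule) pairs where the earlier rule
    always matches first, so the log rule can never fire."""
    rules, hits = [parse(l) for l in lines], []
    for n, r in enumerate(rules):
        if not r["log"]:
            continue
        for e in rules[:n]:
            if (e["action"] in TERMINAL and e["blanket"]
                    and e["proto"] in ("ip", "all", r["proto"])
                    and e["iface"] in (None, r["iface"])):
                hits.append((r["text"], e["text"]))
                break
    return hits

if __name__ == "__main__":
    for log_rule, earlier in shadowed_log_rules(RULES):
        print(f"never reached: {log_rule!r}\n  matched first by: {earlier!r}")
```

The final `deny log ip from any to any` is not reported because it has no interface restriction, but with both lo0 and xl0 allowed earlier it only sees packets on other interfaces.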