From owner-freebsd-questions@FreeBSD.ORG  Thu Sep 30 17:09:50 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E84BD16A4CF
	for <freebsd-questions@freebsd.org>;
	Thu, 30 Sep 2004 17:09:50 +0000 (GMT)
Received: from advmail.lsn.net (advmail.lsn.net [66.90.138.148])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A2E3D43D49
	for <freebsd-questions@freebsd.org>;
	Thu, 30 Sep 2004 17:09:50 +0000 (GMT)
	(envelope-from norm@etherealconsulting.com)
Received: from [127.0.0.1] (24-155-40-125.ip.grandenetworks.net
	[24.155.40.125])
	by advmail.lsn.net (8.12.8/8.12.4) with ESMTP id i8UH9j0A032476;
	Thu, 30 Sep 2004 12:09:46 -0500
Message-ID: <415C3DD4.3020202@etherealconsulting.com>
Date: Thu, 30 Sep 2004 12:09:40 -0500
From: Norm Vilmer <norm@etherealconsulting.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7.3) Gecko/20040910
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Norm Vilmer <norm@etherealconsulting.com>
References: <415C2FA7.6010408@etherealconsulting.com>
In-Reply-To: <415C2FA7.6010408@etherealconsulting.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiVirus: checked by Vexira Milter 1.0.6; VAE 6.27.0.12; VDF 6.27.0.82
cc: freebsd-questions@freebsd.org
Subject: Re: ipfw console messages
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Sep 2004 17:09:51 -0000

Norm Vilmer wrote:

> I have been running a IPFW firewall on FreeBSD 4.10 for a few weeks
> now. For some reason a few connection attempts are showing up on the
> console rather than going to the log file. I can't seem to figure out
> why. Any ideas?
> 
> I have tried adding the 'log' key word to every deny statement in my
> IPFW firewall config file. For the most part all denied packets are
> logged to /var/log/ipfw.log. But about 3-12 per night are not. These
> also show up in the security run output email as kernel log messages.
> 
> 
> 
> 
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe@freebsd.org"
> 
More info: my kernel is compiled with these option:

option	TCP_DROP_SYNFIN
option	ICMP_BANDLIM
option	IPFIREWALL
option	IPFIREWALL_VERBOSE
option	IPDIVERT
option	RANDOM_IP_ID