From: Luigi Rizzo
To: Uwe Kolsch
Cc: freebsd-ipfw@freebsd.org
Date: Sun, 7 Mar 2004 05:14:11 -0800
Subject: Re: logging and dynamic rules
Message-ID: <20040307051411.B74559@xorpc.icir.org>

On Sun, Mar 07, 2004 at 01:02:04PM -0000, Uwe Kolsch wrote:
> Hi,
>
> I've set up ipfw2 on 5.2.1 like follows.
>
> add 1000 check-state
> #allow ssh traffic from any to any
> add 2022 allow log tcp from any to any 22 in setup keep-state
>
> This results in every packet of any ssh connection getting logged, not
> really what I want. I would like to get only the initiation of a ssh
> connection into the logfile. Without dynamic rules I would just deal

i guess your best option is to do this:

	add 2022 count log tcp from any to any 22 in setup
	add 2022 allow tcp from any to any 22 in setup keep-state

	cheers
	luigi

> with packages of an established connection without logging, but log any
> request to port 22. Is there any way to achieve this with dynamic rules
> too.
>
> Thanks,
>
> Hans Hunger
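
The difference between the two rule sets in this thread, as an added example that is not part of the original messages: a simplified Python model of ipfw rule evaluation, run over a constructed SSH packet sequence. It assumes, in line with the behaviour reported above, that a packet matching a dynamic rule executes its parent rule's action including `log`, and that unmatched packets hit a default deny; all names, addresses and packets are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pkt:
    src: str; sport: int; dst: str; dport: int; flags: str; inbound: bool

@dataclass(frozen=True)
class Rule:
    num: int
    action: str              # "check-state", "count" or "allow"
    log: bool = False
    keep_state: bool = False

def ssh_setup_in(p):
    # Rule body "tcp from any to any 22 in setup": inbound, SYN set, ACK clear.
    return p.inbound and p.dport == 22 and "S" in p.flags and "A" not in p.flags

def flow_id(p):
    # A dynamic rule matches both directions of the flow.
    return frozenset([(p.src, p.sport), (p.dst, p.dport)])

def run(rules, packets):
    """Return (verdict per packet, rule numbers that wrote a log entry)."""
    state, verdicts, logged = {}, [], []
    for p in packets:
        verdict = "deny"                  # assumed default rule
        for r in rules:
            if r.action == "check-state":
                parent = state.get(flow_id(p))
                if parent is None:
                    continue              # no dynamic rule yet, keep searching
                r = parent                # run the parent rule's action part
            elif not ssh_setup_in(p):
                continue
            elif r.keep_state:
                state[flow_id(p)] = r     # install the dynamic rule
            if r.log:
                logged.append(r.num)
            if r.action != "count":       # "count" logs, then search continues
                verdict = r.action
                break
        verdicts.append(verdict)
    return verdicts, logged

ORIGINAL = [Rule(1000, "check-state"), Rule(2022, "allow", log=True, keep_state=True)]
FIXED = [Rule(1000, "check-state"), Rule(2022, "count", log=True),
         Rule(2022, "allow", keep_state=True)]
C, S = ("198.51.100.7", 40000), ("192.0.2.10", 22)   # constructed endpoints
PACKETS = [Pkt(*C, *S, "S", True), Pkt(*S, *C, "SA", False), Pkt(*C, *S, "A", True),
           Pkt(*C, *S, "PA", True), Pkt(*S, *C, "PA", False)]

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("fixed", FIXED)):
        print(name, *run(rules, PACKETS))
```

With the original rule set every packet of the flow produces a log entry; with the `count log` rule split out, only the initial SYN does, while all packets are still allowed.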