Date: Thu, 9 Nov 2000 12:40:07 +1100 (EST) From: Rowan Crowe <rowan@sensation.net.au> To: freebsd-isp@freebsd.org Subject: ipfw - log to somewhere else? Message-ID: <Pine.BSF.4.21.0011091230220.55628-100000@velvet.sensation.net.au>
next in thread | raw e-mail | index | archive | help
Hi all, With the ever increasing number of UDP 137 and TCP 139 scans, my logs are filling up fast... between 2,000-3,000 lines per day just from ipfw. My "email diff of denied packets every 20 minutes" script is almost useless since I'm receiving an email almost every single 20 minute run, and the ipfw denies are also causing /var/messages to be rotated a lot more frequently. While I still want those ports blocked and logged for reporting purposes, is there a way to divert the log entries to another file? Just to complicate things, most of the ipfw denies come from another machine and the log entries arrive via syslog... Cheers. -- Rowan Crowe http://www.rowan.sensation.net.au/ Sensation Internet Services http://info.sensation.net.au/ Melbourne, Australia Phone: +61-3-9388-9260 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011091230220.55628-100000>