Date: Wed, 9 Mar 2011 09:48:01 +0000 From: Greg Hennessy <Greg.Hennessy@nviz.net> To: Michael <mlmichael70@gmail.com> Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: RE: multiple loginterface Message-ID: <9E8D76EC267C9444AC737F649CBBAD9027BC9A456D@PEMEXMBXVS02.jellyfishnet.co.uk.local> In-Reply-To: <4D774B3D.3050108@gmail.com> References: <4D76BF41.9000406@gmail.com> <9E8D76EC267C9444AC737F649CBBAD9027BC9A4538@PEMEXMBXVS02.jellyfishnet.co.uk.local> <4D774B3D.3050108@gmail.com>
index | next in thread | previous in thread | raw e-mail
As long as PF is enabled and you haven't done a 'set skip on interface'. Putting block log all' at the start of the policy will catch everything hitting the default deny and adding 'log' to the access rules will record everything else. If you're using the platform as a multihomed firewall, it may make life simpler to grant the egress interfaces access by default, and put security policy enforcement on the ingress interface. Regards Greg > -----Original Message----- > From: Michael [mailto:mlmichael70@gmail.com] > Sent: 09 March 2011 9:41 AM > To: Greg Hennessy > Cc: freebsd-pf@freebsd.org > Subject: Re: multiple loginterface > > On 09/03/2011 09:29, Greg Hennessy wrote: > > What's the likely use case ? Jails ? > > > > I was thinking about something else, please correct me if I'm wrong. I'm using > two interfaces to get online on a regular basis, one is gsm and another one is > wifi. > I want to monitor both of them at any given time so I thought I need multiple > loginterfaces? > > Michaelhelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9E8D76EC267C9444AC737F649CBBAD9027BC9A456D>