Date: Wed, 22 Dec 2021 14:12:10 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 260609] rc.firewall options nologports but no logports ?
Message-ID: <bug-260609-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260609

            Bug ID: 260609
           Summary: rc.firewall options nologports but no logports ?
           Product: Base System
           Version: 13.0-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: conf
          Assignee: bugs@FreeBSD.org
          Reporter: belot.nicolas@gmail.com

Hello,

When configuring firewall with type workstation, we can log nothing, all but
max 500 logs or all except some tcp/udp ports.

It's not possible to log some specific port except by using a firewall script,
but that's a great loss in terms of configuration readability.

Is there a way to implement an rc variable firewall_logports or
firewall_forcelogports and for example create rules accordingly

    if [ -n "${firewall_logports}" ] ; then
      sysctl net.inet.ip.fw.verbose=1 >/dev/null
      log="log logamount 500"  # The default of 100 is too low.
      for i in ${firewall_logports} ; do
        ${fwcmd} add deny $log ip from any to me $i in
      done
    fi

?

Best regards
Nicolas

-- 
You are receiving this mail because:
You are the assignee for the bug.