From owner-freebsd-questions Fri Apr 21 15:46: 3 2000 Delivered-To: freebsd-questions@freebsd.org Received: from teapot06.domain1.bigpond.com (teapot06.domain1.bigpond.com [139.134.5.237]) by hub.freebsd.org (Postfix) with SMTP id 12B0837B796 for ; Fri, 21 Apr 2000 15:46:00 -0700 (PDT) (envelope-from arakias@bigpond.com) Received: from localhost (localhost [127.0.0.1]) by teapot06.domain1.bigpond.com (NTMail 3.02.13) with ESMTP id ba099035 for ; Sat, 22 Apr 2000 08:39:31 +1000 Received: from MLIP-A-001-pool-23.tmns.net.au ([139.134.240.23]) by mail1.bigpond.com (Claudes-Equilateral-MailRouter V2.7e 1/9115906); 22 Apr 2000 08:39:30 Message-Id: <4.2.0.58.20000422083216.00952c50@mail.bigpond.com> X-Sender: arakias@mail.bigpond.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Sat, 22 Apr 2000 08:36:43 +1000 To: freebsd-questions@freebsd.org From: Duncan Subject: RE: logging Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG yes the only thing i am getting in security is users logging in, su and bad su etc.... >Fri Apr 21 12:36:30 EDT 2000 >Hi, >I get my firewall logs in /var/log/security >Have you looked there. >Andrew. > > >On Fri, Apr 21, 2000 at 09:03:33PM +1000, Duncan wrote: > Hello > > I'm am having trouble with my logs. > I have tried various things like adding ' log_in_vain="YES" ' in rc.conf > (which i read from a post on the security list) > > !ipfw > *.* /var/log/ipfw > > but the only information i am getting is stuff like : > > 00200 0 0 deny ip from any to 127.0.0.0/8 > 01400 20 1008 deny log tcp from any to any via ppp0 setup > 65535 602 28986 deny ip from any to any > > (from /var/log/ipfw.today) which by itself is useless for me. > I am trying to set it up so i can see the source address and ports so i at > least > can see more of what's going on. > > I have a custom kernel with the ipfirewall and divert for natd and am currently > running 3.2-release. > sorry for not giving more information but i am new to this and not sure > what else > to put. > > Any help is much appreciated > Thank you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message