From owner-freebsd-questions Thu Apr 19 12:53: 0 2001 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (okc-65-26-235-186.mmcable.com [65.26.235.186]) by hub.freebsd.org (Postfix) with SMTP id F223F37B423 for ; Thu, 19 Apr 2001 12:52:57 -0700 (PDT) (envelope-from mwm@mired.org) Received: (qmail 61789 invoked by uid 100); 19 Apr 2001 19:52:57 -0000 From: Mike Meyer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15071.16921.416976.649344@guru.mired.org> Date: Thu, 19 Apr 2001 14:52:57 -0500 To: green Cc: questions@freebsd.org Subject: Re: attemp to connect In-Reply-To: <100714139@toto.iv> X-Mailer: VM 6.90 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG green types: > hi > > i would like, what my freebsd machine would log any connection > attempts on any port.. > > can i do this with standart freebsd programs, or i need something > other for this feature ? It's a standard part of FreeBSD. You need to do three things to set it up: 1) load the ipfw module: kldload ipfw 2) Use sysctl to set the ipfw verbosity: sysctl -w net.inet.ip.fw.verbose=1 net.inet.ip.fw.verbose_limit=0 3) Turn on logging with ipfw: ipfw add allow log ip from any to any That allows the connection attempts and logs them. If you don't want them to work, replcae "allow" with "deny". Read the ipfw manual page for detailed information on the sysctl's and ipfw. Be warned that this exactly what you asked for, so connection attempts to localhost will be logged, and possibly denied. You may not want that. http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message