Date:      Wed, 16 Jan 2002 15:59:06 +0100
From:      Mark Rowlands <fuc952d@tninet.se>
To:        freebsd-questions@freebsd.org
Subject:   ipmon stopped logging.
Message-ID:  <20020116145906.4CF3637B404@hub.freebsd.org>

Been running ipmon / ipfilter for a while quite happily when... one fine day
it stopped logging.

kernel options

options         IPFILTER                #ipfilter support
options         IPFILTER_LOG            #ipfilter logging
options         IPFILTER_DEFAULT_BLOCK

dmesg
IP Filter: v3.4.20 initialized.  Default = block all, Logging = enabled

some sample ipfilter rules from ipfstat 

@7 block in log quick on xl1 proto tcp from any to any flags FPU/FSRPAUC
@8 block in log quick on xl1 from any to any with frag
@9 block in log quick on xl1 from any to 224.0.0.0/3
@10 block in log quick on xl1 from 169.254.0.0/16 to any
@11 block in log quick on xl1 from 192.168.0.0/16 to any
@12 block in log quick on xl1 from 10.0.0.0/8 to any
@13 block in log quick on xl1 from any to 62.5.39.0/32
@14 block in log quick on xl1 from any to 62.5.39.255/32
@15 block in log quick on xl1 from any to 255.255.255.0/24
@16 block return-rst in log quick on xl1 proto tcp from any to any

(This is not my normal config; I added the logging on these rules to ensure
that there would definitely be something to log.)

syslog.conf

local0.*        -/var/log/firewall_logs

ls -al /var/log/fire*
-rw-r--r--   1 root      wheel        0 Jan 16 12:48 firewall_logs

and ipmon runs as ipmon -Dsv

uname :-
FreeBSD pcmarpxy 4.5-RC FreeBSD 4.5-RC #0: Tue Jan 15 21:51:55 CET 2002

This was working quite happily and no, I can't specifically remember
changing anything that might stop it from working.

Any suggestions as to where the problem might lie?



-- 
Swap read error.  You lose your mind.
