From owner-freebsd-isp@FreeBSD.ORG Mon May 5 05:45:38 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D489237B404 for ; Mon, 5 May 2003 05:45:37 -0700 (PDT) Received: from mx1.dev.itouchnet.net (itouchlabs.com [196.15.188.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8150643FBD for ; Mon, 5 May 2003 05:45:33 -0700 (PDT) (envelope-from bvi@itouchlabs.com) Received: from nobody by mx1.dev.itouchnet.net with scanned_ok (Exim 3.35 #1) id 19CfOz-000PXy-00 for freebsd-isp@freebsd.org; Mon, 05 May 2003 14:49:05 +0200 X-TLS: TLSv1:RC4-MD5:128 itouchlabs.com -> mx1.dev.itouchnet.net Received: from itouchlabs.com ([196.15.188.2] helo=Beastie) by mx1.dev.itouchnet.net with esmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 19CfOy-000PXg-00; Mon, 05 May 2003 14:49:04 +0200 Message-ID: <01bc01c31303$fa4680e0$4508a8c0@Beastie> From: "Barry Irwin" To: "Mark Bojara" , References: <20030505142730.A322-100000@opium.co.za> Date: Mon, 5 May 2003 14:43:28 +0200 Organization: iTouch Labs MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Checked: This message has been scanned for any virusses and unauthorized attachments. X-iScan-ID: 98200-1052138945-20150@unconfigured version $Name: REL_2_0_4 $ Subject: Re: default to deny rule X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 May 2003 12:45:39 -0000 The easiest, is to put in a rule just befroe it say 653500 deny log logamount ip from any to any you could even break it down to log against separate rule numbers for tcp, udp, icmp, etc. withc a catchall at the end. Barry -- Barry Irwin bvi@itouchlabs.com Tel: +27214875178 Systems Administrator: Networks And Security iTouch Technology iTouch TAS http://www.itouchlabs.com Mobile: +27824457210 ----- Original Message ----- From: "Mark Bojara" To: Sent: Monday, May 05, 2003 2:28 PM Subject: default to deny rule > Hello All, > > I have setup a default to deny ipfw rule and I would like that rule to log > all denied packets aswell. Eg change it to: "65535 deny log ip from any to any" > > How would I do this? > > Regards > Mark Bojara > > ---------------------------------------------------------------- > A life lived in fear is half a life lived. > ---------------------------------------------------------------- > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > >