From owner-freebsd-questions  Fri Apr 13 10:23:33 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from h24-69-46-74.gv.shawcable.net (h24-69-46-74.gv.shawcable.net [24.69.46.74])
	by hub.freebsd.org (Postfix) with ESMTP id 6A44837B440
	for <freebsd-questions@freebsd.org>; Fri, 13 Apr 2001 10:23:29 -0700 (PDT)
	(envelope-from michael@tenzo.com)
Received: from h24-69-46-74.gv.shawcable.net (localhost.gv.shawcable.net [127.0.0.1])
	by h24-69-46-74.gv.shawcable.net (8.11.1/8.11.1) with SMTP id f3DHPwp00934;
	Fri, 13 Apr 2001 10:25:59 -0700 (PDT)
	(envelope-from michael@tenzo.com)
Content-Type: text/plain;
  charset="iso-8859-1"
From: "Michael O'Henly" <michael@tenzo.com>
Reply-To: michael@tenzo.com
Organization: TENZO Design
To: freebsd-questions@freebsd.org
Subject: Re: ipfw logging
Date: Fri, 13 Apr 2001 10:25:58 -0700
X-Mailer: KMail [version 1.2]
References: <Pine.BSF.4.21.0104131301060.4776-100000@istar.ca>
In-Reply-To: <Pine.BSF.4.21.0104131301060.4776-100000@istar.ca>
Cc: Dru <genisis@istar.ca>
MIME-Version: 1.0
Message-Id: <01041310255800.00610@h24-69-46-74.gv.shawcable.net>
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I'm in the process of creating a firewall and came across this kernel option 
last night:

options IPFIREWALL_VERBOSE

The Handbook says: "Enables code to allow logging of packets through 
syslogd(8). Without this option, even if you specify that packets should be 
logged in the filter rules, nothing will happen."

It sounds like you may already have this option set (since you're getting 
logging to the console), but perhaps not?

M.

On Friday 13 April 2001 10:10, Dru wrote:
> Have ipfw running fine on 4.2-Release, it logs beautifully to the console
> the packets that I would expect to see logged. However, I must be missing
> something obvious as it refuses to log to a file. Here's the appropriate
> lines that I've added to:
>
> /etc/rc.conf
> firewall_logging_enable="YES"
>
> /etc/syslog.conf
> !ipfw
> *.*						/var/log/ipfwlog
>
> I added those 2 lines at the bottom of syslog.conf and I used TABs, not
> spaces.
>
> I then "touch"ed /var/log/ipfwlog, and have left the default permissions
> on for the moment:
>
> ls -l /var/log/ipfwlog
> -rw-r--r--  1 root  wheel  0 Apr 13 12:58 /var/log/ipfwlog
>
> Am I missing a typo or something, or have I forgotten to add another line
> someplace? I've "hup"ped syslogd umpteen times, not to mention re-booting
> several times.
>
> TIA,
>
> Dru
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

-- 
Michael O'Henly
TENZO Design

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message