Date: Mon, 21 Mar 2016 17:31:13 +0100 From: Wout =?ISO-8859-1?Q?Decr=E9?= <wout@canodus.be> To: Chris Jordan <cwjordandt@gmail.com> Cc: freebsd-doc@freebsd.org Subject: Re: Handbook section 29.4.1 Enabling IPFW Message-ID: <1458577873.3661.20.camel@canodus.be> In-Reply-To: <CAPOquS8BoY5T_a6Nd0Opg-wQ-QoNV=UCBKySbmWAPLto3NiojQ@mail.gmail.com> References: <CAPOquS8BoY5T_a6Nd0Opg-wQ-QoNV=UCBKySbmWAPLto3NiojQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2016-03-21 at 11:38 -0400, Chris Jordan wrote: > I'm coming back to FreeBSD after many years away and I am setting up a new > system with 10-2-release. > > I was reading through Handbook section 29.4.1 "Enabling IPFW" and it says: > "To enable logging, include this line in > /etc/rc.conf: firewall_logging="YES"". That didn't seem to work for me, so > I went looking through /etc/rc.firewall, and found it's looking for a line > like "firewall_logdeny="YES" instead, but it's only checking for that for > the case where firewall_type="workstation". IPFW logging is enabled in /etc/rc.d/ipfw: if checkyesno firewall_logging; then echo 'Firewall logging enabled.' sysctl net.inet.ip.fw.verbose=1 >/dev/null fi Should work putting firewall_logging="YES" in rc.conf. By default, logs are written to /var/log/security. > > That works fine, but it's not documented in either the handbook page or the > rc.conf(5) man page. Before I submit a problem report, I wanted to check > here if I'm missing something (maybe it's a deprecated option or > something?). > > Chris Jordan > cwjordandt@gmail.com > _______________________________________________ > freebsd-doc@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-doc > To unsubscribe, send any mail to "freebsd-doc-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1458577873.3661.20.camel>