From owner-freebsd-doc@freebsd.org Mon Mar 21 16:39:10 2016 Return-Path: Delivered-To: freebsd-doc@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 14ACCAD8EC8 for ; Mon, 21 Mar 2016 16:39:10 +0000 (UTC) (envelope-from wout@canodus.be) Received: from mail1.canodus2.canodus.be (mail1.canodus2.canodus.be [83.149.89.38]) by mx1.freebsd.org (Postfix) with ESMTP id D4721A44 for ; Mon, 21 Mar 2016 16:39:09 +0000 (UTC) (envelope-from wout@canodus.be) Received: by mail1.canodus2.canodus.be (Postfix, from userid 65534) id 8F014336481; Mon, 21 Mar 2016 17:31:15 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail1.canodus2.canodus.be X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.1 Received: from t440s (94-224-208-153.access.telenet.be [94.224.208.153]) by mail1.canodus2.canodus.be (Postfix) with ESMTPSA id 48BBD336495; Mon, 21 Mar 2016 17:31:14 +0100 (CET) Message-ID: <1458577873.3661.20.camel@canodus.be> Subject: Re: Handbook section 29.4.1 Enabling IPFW From: Wout =?ISO-8859-1?Q?Decr=E9?= To: Chris Jordan Cc: freebsd-doc@freebsd.org Date: Mon, 21 Mar 2016 17:31:13 +0100 In-Reply-To: References: Organization: Canodus Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.12.9-1+b1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Mar 2016 16:39:10 -0000 On Mon, 2016-03-21 at 11:38 -0400, Chris Jordan wrote: > I'm coming back to FreeBSD after many years away and I am setting up a new > system with 10-2-release. > > I was reading through Handbook section 29.4.1 "Enabling IPFW" and it says: > "To enable logging, include this line in > /etc/rc.conf: firewall_logging="YES"". That didn't seem to work for me, so > I went looking through /etc/rc.firewall, and found it's looking for a line > like "firewall_logdeny="YES" instead, but it's only checking for that for > the case where firewall_type="workstation". IPFW logging is enabled in /etc/rc.d/ipfw: if checkyesno firewall_logging; then echo 'Firewall logging enabled.' sysctl net.inet.ip.fw.verbose=1 >/dev/null fi Should work putting firewall_logging="YES" in rc.conf. By default, logs are written to /var/log/security. > > That works fine, but it's not documented in either the handbook page or the > rc.conf(5) man page. Before I submit a problem report, I wanted to check > here if I'm missing something (maybe it's a deprecated option or > something?). > > Chris Jordan > cwjordandt@gmail.com > _______________________________________________ > freebsd-doc@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-doc > To unsubscribe, send any mail to "freebsd-doc-unsubscribe@freebsd.org"