From owner-freebsd-isp@FreeBSD.ORG Sat May 6 13:47:04 2006 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23F9816A405 for ; Sat, 6 May 2006 13:47:04 +0000 (UTC) (envelope-from tiago@codigobinario.com.br) Received: from email.ultrawave.com.br (email.ultrawave.com.br [201.31.184.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3366C43D67 for ; Sat, 6 May 2006 13:46:57 +0000 (GMT) (envelope-from tiago@codigobinario.com.br) Received: (qmail 57853 invoked by uid 0); 6 May 2006 16:57:16 -0000 Received: from 200.210.129.133 by email.ultrawave.com.br (envelope-from , uid 0) with qmail-scanner-1.25 (clamdscan: 0.87.1/1200. spamassassin: 3.1.0. Clear:RC:1(200.210.129.133):. Processed in 0.06292 secs); 06 May 2006 16:57:16 -0000 X-Qmail-Scanner-Mail-From: tiago@codigobinario.com.br via email.ultrawave.com.br X-Qmail-Scanner: 1.25 (Clear:RC:1(200.210.129.133):. Processed in 0.06292 secs) Received: from 200-210-129-133.wireless.ultrawave.com.br (HELO ?200.210.129.133?) (tiago@ultrawave.com.br@200.210.129.133) by email.ultrawave.com.br with ESMTPA; 6 May 2006 16:57:16 -0000 Message-ID: <445CA8C7.7080507@codigobinario.com.br> Date: Sat, 06 May 2006 10:46:47 -0300 From: "Tiago N. Sampaio" User-Agent: Thunderbird 1.5.0.2 (X11/20060425) MIME-Version: 1.0 To: Alexander References: <445C50A0.2070709@matrixhome.net> <20060506073907.O54242@maildrop.int.zabbadoz.net> <445C6ACB.6020502@matrixhome.net> <20060506103551.S54242@maildrop.int.zabbadoz.net> <445CA23C.3010306@matrixhome.net> In-Reply-To: <445CA23C.3010306@matrixhome.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org Subject: Re: IPFW and syslog X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 May 2006 13:47:04 -0000 did you try add deny log ip from any to any? ipfw add 65000 deny log ip from any to any Hugs Tiago N. Sampaio Alexander wrote: > So, I also try ipfw add 99 deny ip from any to any, but got the same > trouble... > > Bjoern A. Zeeb wrote: > >> On Sat, 6 May 2006, Alexander wrote: >> >> >>> Bjoern A. Zeeb wrote: >>> >>>> On Sat, 6 May 2006, Alexander wrote: >>>> >>>> >>>>> Default rule is deny. >>>>> Some packets is registered under default rule, but I can't find >>>>> documentation - how log to syslog packets, that denied in default >>>>> rules. >>>>> >>>> Add the same rule with rule number - 1 and add log statement. >>>> >>>> >>> Gmmmm! I have added rule: ipfw add 1 deny ip from any to any >>> And server dropped all packets... >>> >> Well >> "rule number" (for default rule) - 1 == 65535 - 1 == 65534 >> >> I guess I should have added quotes or braces or the sample. >> >> Sorry for the trouble... >> >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >