From owner-freebsd-questions Sun Feb 18 0:19:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 1B5C137B4EC for ; Sun, 18 Feb 2001 00:19:12 -0800 (PST) Received: from rfx-216-196-73-168.users.reflexcom.com ([216.196.73.168]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Sun, 18 Feb 2001 00:17:19 -0800 Received: (from cjc@localhost) by rfx-216-196-73-168.users.reflexcom.com (8.11.1/8.11.1) id f1I8J2c50116; Sun, 18 Feb 2001 00:19:02 -0800 (PST) (envelope-from cjc) Date: Sun, 18 Feb 2001 00:19:01 -0800 From: "Crist J. Clark" To: Tony Wells Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFirewall & syslogd Message-ID: <20010218001901.F62368@rfx-216-196-73-168.users.reflex> Reply-To: cjclark@alum.mit.edu References: <3A8D846F.8824EEB9@journalstar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A8D846F.8824EEB9@journalstar.com>; from awells@journalstar.com on Fri, Feb 16, 2001 at 01:50:07PM -0600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Feb 16, 2001 at 01:50:07PM -0600, Tony Wells wrote: > I'm having a problem getting ipfirewall to log via syslogd. > > I compiled the kernel with the three following options: > > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=10 > > I have a firewall rule that looks like this: > > deny tcp log from any to any setup > > Which deny's all the TCP connections not explicitly allowed. I hoped > to be able to see if anyone is "rattling the doorknobs", but nothing > gets logged to either /var/log/messages or /var/log/security if I try > and connect to a blocked port. > > Does anyone have any ideas why "log" isn't getting logged via syslog? Did you put anything in /etc/syslog.conf to catch the messages? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message