From owner-freebsd-questions Mon Feb 19 5:28:45 2001 Delivered-To: freebsd-questions@freebsd.org Received: from level3.dynacom.net (level3.dynacom.net [206.107.213.213]) by hub.freebsd.org (Postfix) with SMTP id 9056737B401 for ; Mon, 19 Feb 2001 05:28:42 -0800 (PST) Received: (qmail 18004 invoked by uid 0); 19 Feb 2001 13:28:41 -0000 Received: from dsl1-160.dynacom.net (HELO urx.com) (206.159.132.160) by mail.urx.com with SMTP; 19 Feb 2001 13:28:41 -0000 Message-ID: <3A911F89.BAC2B9CC@urx.com> Date: Mon, 19 Feb 2001 05:28:41 -0800 From: Kent Stewart Reply-To: kstewart@urx.com Organization: Dynacom X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: wayne.pascoe@realtime.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: ipfw not logging References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Wayne Pascoe wrote: > > Hi again all, > > I have ipfw setup on my system now. At the moment, I have a fairly > simple script that sets up some very simple rules for testing. > > The script is as follows: > > #!/bin/bash > > FW_CMD=/sbin/ipfw > > $FW_CMD -f flush > $FW_CMD add reject log tcp from any to 192.168.2.253 23 > $FW_CMD add allow ip from any to any > > After executing this script, the output of ipfw l looks like > 00100 unreach host log logamount 30 tcp from any to 192.168.2.253 23 > 00200 allow ip from any to any > 65535 deny ip from any to any > > telnetting to the host is immediately rejected, but nothing is logged. > I added the following lines to my kernel config and rebuilt it. > > # Firewalling Options > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=30 > > I was not getting any log messages on my console, so I added the > following section to /etc/syslog.conf > # IPFW logging > !ipfw > *.* /var/log/ipfw.log > > I touched the logfile and restarted syslog, but nothing is being > logged to that file. > > With ipf you have to run ipmon to log stuff. Is there any similar > utility for ipfw that I am missing? Did you look at /var/log/security. That is where I found my ipfw logs. Kent > > Any help would be appreciated! > > Thanks, > > -- > - Wayne Pascoe > E-mail: wayne.pascoe@realtime.co.uk > Phone : +44 (0) 20 7544 4668 > Mobile: +44 (0) 788 431 1675 > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Kent Stewart Richland, WA mailto:kbstew99@hotmail.com http://kstewart.urx.com/kstewart/index.html FreeBSD News http://daily.daemonnews.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message