Date: Wed, 11 Feb 2004 01:06:43 +0100 From: Friedemann Becker <Friedemann.Becker@web.de> To: joe <barbish3@adelphia.net>, freebsd-bugs@freebsd.org Subject: Re: kern/62598: no logging on ipfw loadable module Message-ID: <40297213.70809@web.de> In-Reply-To: <200402091845.i19IjvEU041995@www.freebsd.org> References: <200402091845.i19IjvEU041995@www.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
joe wrote: >>Number: 62598 >>Category: kern >[...] > > By original design, it's not suppose to be an mandatory requirement that you enable > IPFW by compiling it's options into your customized FBSD kernel. IPFW > is included in the basic FBSD install as a separate run time loadable module. > For some unknown reason the loadable module was compiled with, logging disabled > This means the loadable IPFW module has absolutely no logging available. This > configuration is non-logical, does not reflect the needs of the majority of > IPFW users, and is pretty much useless. A firewall without logging ability is > just plain unheard of. the precompiled module comes with preset compile time options, but have you tried the the corresponding sysctl variables in net.inet.ip.fw, especially net.inet.ip.fw.verbose and net.inet.ip.fw.verbose_limit? see the manpage, section "RULE FORMAT", command "log", for details Friedemann
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40297213.70809>