Date: Mon, 17 Sep 2001 06:33:54 -0700 From: Randy Bush <randy@psg.com> To: freebsd-security@freebsd.org Subject: ipfw logging to dmesg not /var/log/syslog Message-ID: <E15iyX4-000FBj-00@rip.psg.com>
next in thread | raw e-mail | index | archive | help
why is ipfw's logging in dmesg as opposed to /var/log/security? 4.4-RC [ some ip addresses changed ] # ipfw show 00100 98 3528 allow ip from 42.666.32.0/24 to any 00200 101 3780 allow ip from 42.666.42.0/24 to any 00300 3 185 allow ip from 42.666.49.0/24 to any 00400 1 36 deny icmp from any to 666.42.0.3 icmptype 8 00500 1 36 deny icmp from any to 666.42.0.4 icmptype 8 00600 7886 2583885 deny log logamount 100 icmp from any to 666.42.0.39 icmptype 8 00700 7435873 932696758 allow ip from any to any 65535 28 1803 deny ip from any to any # sysctl net.inet.ip.fw net.inet.ip.fw.enable: 1 net.inet.ip.fw.one_pass: 1 net.inet.ip.fw.debug: 1 net.inet.ip.fw.verbose: 1 net.inet.ip.fw.verbose_limit: 100 net.inet.ip.fw.dyn_buckets: 256 net.inet.ip.fw.curr_dyn_buckets: 256 net.inet.ip.fw.dyn_count: 0 net.inet.ip.fw.dyn_max: 1000 net.inet.ip.fw.dyn_ack_lifetime: 300 net.inet.ip.fw.dyn_syn_lifetime: 20 net.inet.ip.fw.dyn_fin_lifetime: 20 net.inet.ip.fw.dyn_rst_lifetime: 5 net.inet.ip.fw.dyn_short_lifetime: 30 # cat /var/log/security # -- from /etc/syslog.conf # Log all security messages to a separate file. security.* /var/log/security # dmesg ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 202.138.24.6 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 202.138.24.6 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 195.138.133.10 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 212.25.76.130 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 203.166.26.98 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 211.188.128.2 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 149.239.191.1 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.147 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.147 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.148 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 63.123.132.2 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.150 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 212.9.161.92 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.147 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.148 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 146.83.188.5 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 63.123.132.2 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.150 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 212.9.161.92 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.147 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.148 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 146.83.188.5 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 63.123.132.2 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.150 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 212.9.161.92 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.147 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 209.16.20.148 666.42.0.39 in via fxp0 ipfw: 600 Deny ICMP:8.0 196.40.17.129 666.42.0.39 in via fxp0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E15iyX4-000FBj-00>