From: "Uwe Kolsch"
Date: Sun, 7 Mar 2004 13:02:04 -0000
Message-ID: <00e701c40444$63d3ab00$cc06a8c0@wax.local>
Subject: logging and dynamic rules
List-Id: IPFW Technical Discussions

Hi,

I've set up ipfw2 on 5.2.1 as follows.

    add 1000 check-state
    #allow ssh traffic from any to any
    add 2022 allow log tcp from any to any 22 in setup keep-state

This results in every packet of any ssh connection getting logged, not
really what I want. I would like to get only the initiation of an ssh
connection into the logfile.

Without dynamic rules I would just deal with packages of an established
connection without logging, but log any request to port 22.

Is there any way to achieve this with dynamic rules too?

Thanks,
Hans Hunger
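
Added example, not part of the original message: one ruleset that separates logging from state creation, in the same rules-file form as the rules above. It assumes, as the message reports, that `log` on a keep-state rule is applied to every packet matching the resulting dynamic rule; rule number 2021 is a hypothetical choice.

```conf
# Packets of established sessions match their dynamic rule here and are
# accepted before reaching the logging rule below.
add 1000 check-state

# "count" only updates counters and never ends rule processing, so this
# rule logs the initial SYN to port 22 and lets it fall through to 2022.
add 2021 count log tcp from any to any 22 in setup

# Same as the original rule 2022 but without "log": it creates the
# dynamic rule, and nothing is logged for later packets of the session.
add 2022 allow tcp from any to any 22 in setup keep-state
```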