From owner-freebsd-security Thu Mar 16 9:32:46 2000 Delivered-To: freebsd-security@freebsd.org Received: from vinyl.sentex.ca (vinyl.sentex.ca [209.112.4.14]) by hub.freebsd.org (Postfix) with ESMTP id 58FA437BF60 for ; Thu, 16 Mar 2000 09:32:43 -0800 (PST) (envelope-from mike@sentex.ca) Received: from simoeon (simeon.sentex.ca [209.112.4.47]) by vinyl.sentex.ca (8.9.3/8.9.3) with SMTP id MAA36280; Thu, 16 Mar 2000 12:32:40 -0500 (EST) (envelope-from mike@sentex.ca) Message-Id: <3.0.5.32.20000316123010.02483780@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32) Date: Thu, 16 Mar 2000 12:30:10 -0500 To: bwoods2@uswest.net, freebsd-security@FreeBSD.ORG From: Mike Tancsa Subject: Re: IPFW Logging... In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 07:26 AM 3/16/00 -0800, William Woods wrote: >I have a set of firewall rules I load and would like to be able to log attempts >from the blocked domains.....this is an example of one of the rules.... > >ipfw add 001 deny all from aol.com to any > >How would I make that rule log to /var/log/messages? Depending on what version you are running, adjust your syslog.conf entry so that it gets logged to your file of choice. security.* /var/log/security Also, add the log command. e.g. ipfw add 1000 deny log ip from xxx.xxx.xxx.xxx to any ---Mike ------------------------------------------------------------------------ Mike Tancsa, tel +1 519 651 3400 Network Administrator, mike@sentex.net Sentex Communications www.sentex.net Cambridge, Ontario Canada To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message