From owner-freebsd-questions  Tue Jul 11  6:36:21 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from lerami.lerctr.org (lerami.lerctr.org [207.158.72.11])
	by hub.freebsd.org (Postfix) with ESMTP id D2FA237BEB9
	for <freebsd-questions@FreeBSD.ORG>; Tue, 11 Jul 2000 06:36:12 -0700 (PDT)
	(envelope-from ler@lerctr.org)
Received: (from ler@localhost)
	by lerami.lerctr.org (8.10.1/8.10.1/20000708) id e6BDa5t26346;
	Tue, 11 Jul 2000 08:36:05 -0500 (CDT)
From: Larry Rosenman <ler@lerctr.org>
Message-Id: <200007111336.e6BDa5t26346@lerami.lerctr.org>
Subject: Re: Re[2]: ipfilter vs ipfw
In-Reply-To: <19960.000710@home.com> "from Ben Williams at Jul 10, 2000 11:03:42
 pm"
To: Ben Williams <williamsl@home.com>
Date: Tue, 11 Jul 2000 08:36:05 -0500 (CDT)
Cc: Larry Rosenman <ler@lerctr.org>,
	Carlton Haycock <chaycock1@mindspring.com>,
	freebsd-questions@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL79 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

It does, but I want something to reduce it, or summarize the output. 

Currently I've added a separate syslog file for ipmon's output, and
have newsyslog rotate every day, and then have the daily job mail this log
to me.   I'd like something to summarize the 200K a day of junk packets
I get. 

Larry
>    Will ipmon(8) not do the type of logging you need?
> 
> --Ben Williams
> mailto:received@email dot com
> 
> Quoting Larry Rosenman                                Monday, July 10, 2000
> > Seems that IPFilter does BETTER stateful rules than a "hack" (a friends term) 
> > to IPFW to do dynamic rules. 
> 
> >>From running ipfw for a short time, I've converted over to ipfilter. 
> 
> > I just wish the rc* scripts supported ipfilter better, and that there
> > was some standard reporting mechanism for the logging output like there
> > is for ipfw. 
> 
> > Larry Rosenman
> >> 
> >> Hello,
> >> 
> >> I am in the process of building a firewall using FreeBsd.  I am aware of the firewall
> >> built into the kernel (ipfw), but I also see alot of people talking about another package
> >> called IPFILTER.  I have seen comments stating that IPFILTER is better, but no one
> >> has yet to say why or why they prefer it.  I would be most appreciative if someone
> >> could give a brief overview of the differences as far as functionality is concerned.  
> >> I have read the how-to's and stuff on FreeBsd Diary but can find nothing that does
> >> a comparison of the two.
> >> 
> >> Thanks,
> >> Carlton
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> To Unsubscribe: send mail to majordomo@FreeBSD.org
> >> with "unsubscribe freebsd-questions" in the body of the message
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message


-- 
Larry Rosenman                      http://www.lerctr.org/~ler
Phone: +1 972-414-9812 (voice) Internet: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message