From owner-freebsd-security Thu Mar 16 9:50:55 2000 Delivered-To: freebsd-security@freebsd.org Received: from ab-bg.net (ab-bg.net [212.56.11.129]) by hub.freebsd.org (Postfix) with SMTP id 2149837C0BE for ; Thu, 16 Mar 2000 09:50:34 -0800 (PST) (envelope-from v0rbiz@ab-bg.net) Received: (qmail 27237 invoked by uid 1000); 16 Mar 2000 17:52:54 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 16 Mar 2000 17:52:54 -0000 Date: Thu, 16 Mar 2000 19:52:54 +0200 (EET) From: Victor Ivanov To: freebsd-security@FreeBSD.ORG Subject: Re: IPFW Logging... In-Reply-To: <3.0.5.32.20000316123010.02483780@marble.sentex.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > At 07:26 AM 3/16/00 -0800, William Woods wrote: > >I have a set of firewall rules I load and would like to be able to log > attempts > >from the blocked domains.....this is an example of one of the rules.... > > > >ipfw add 001 deny all from aol.com to any > > > >How would I make that rule log to /var/log/messages? > > > Depending on what version you are running, adjust your syslog.conf entry so > that it gets logged to your file of choice. > security.* /var/log/security > > Also, add the log command. e.g. ipfw add 1000 deny log ip from > xxx.xxx.xxx.xxx to any or: !ipfw *.* /var/log/ipfw-log (rtfm) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message