From owner-freebsd-questions Tue Oct 30 0:46:44 2001 Delivered-To: freebsd-questions@freebsd.org Received: from berbee.com (berbee.com [205.173.176.16]) by hub.freebsd.org (Postfix) with ESMTP id 2F09237B401 for ; Tue, 30 Oct 2001 00:46:40 -0800 (PST) Received: from there (msn-office2.binc.net [64.73.12.253]) by berbee.com (8.11.2/8.11.2) with SMTP id f9U8kWf22676; Tue, 30 Oct 2001 02:46:32 -0600 Message-Id: <200110300846.f9U8kWf22676@berbee.com> Content-Type: text/plain; charset="iso-8859-1" From: Rob Zietlow To: rene@xs4all.nl Subject: Re: IPF_DEFAULT_BLOCK what? Date: Tue, 30 Oct 2001 02:46:30 -0600 X-Mailer: KMail [version 1.3.1] References: <20011030093803.K9657@xs4all.nl> In-Reply-To: <20011030093803.K9657@xs4all.nl> Cc: questions@Freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Make sure to also compile options IPFILTER_LOG Into your kernel. once that is in place #touch /var/log/ then add local0.* /var/log/ Into /etc/syslog.conf Kill -HUP syslog And it should start logging for you, as long as your IPF rules state logging. block in log on xl0 This will block everything on your interface (change the xl0 to your interface name) and it will be put into your log file On Tuesday 30 October 2001 02:38 am, you wrote: > Hi. I'm running ipf as a firewall with IPF_DEFAULT_BLOCK. I would like to > see which packets get blocked when it hits the default rule. Can anyone > tell me how to accomplish that? > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message