From owner-freebsd-questions@FreeBSD.ORG Tue Sep 9 04:33:44 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F9D216A4BF for ; Tue, 9 Sep 2003 04:33:44 -0700 (PDT) Received: from zim.0x7e.net (zim.0x7e.net [203.38.184.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id E7D5543FEA for ; Tue, 9 Sep 2003 04:33:42 -0700 (PDT) (envelope-from listone@deathbeforedecaf.net) Received: from goo.0x7e.net ([203.38.184.164] helo=goo) by zim.0x7e.net with smtp (Exim 3.36 #1) id 19wgkc-000989-00; Tue, 09 Sep 2003 21:03:38 +0930 Message-ID: <000501c376c6$3d3bb070$a4b826cb@goo> From: "Rob" To: "Wayne Pascoe" , References: <20030909113447.GB17219@marvin.penguinpowered.org> Date: Tue, 9 Sep 2003 21:03:48 +0930 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4927.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4927.1200 Subject: Re: Logging and IPFW X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 11:33:44 -0000 What does 'ipfw list' show? ----- Original Message ----- From: "Wayne Pascoe" Subject: Logging and IPFW > Hi all, > > We're moving from ipfilter to ipfw. Since we no longer run multiple > platforms, the benefits that we used to derive from ipfilter are > declining. Add to this the problems we've had when running it as a > module on 5.x (as opposed to compiled into the kernel), and we've > decided to move to ipfw. > > I'm trying to setup logging with IPFW. I've not compiled IPFW into my > kernel, but am instead using the ipfw.ko module. > > I have the following sysctl variables set: > net.inet.ip.fw.verbose=1 > net.inet.tcp.log_in_vain=1 > net.inet.udp.log_in_vain=1 > > However, I am still not seeing anything in /var/log/messages when I > portscan the machine. The firewall appears to be working, as we receive > nothing back on the portscanning machine, but I would like logging > enabled. > > I have the following in /etc/rc.conf > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="CLIENT" > firewall_quiet="NO" > firewall_logging="YES" > > The only place I can see firewall_logging being used is in /etc/rc.conf > and that is being used to set a sysctl variable : > > echo 'Firewall logging=YES' > sysctl net.inet.ip.fw.verbose=1 >/dev/null > > any ideas on what I'm doing wrong here ? > > thanks in advance , > > -- > Wayne Pascoe > Look buddy, doesn't work is a strong statement. > Does it sit on the couch all day? Is it making faces > at you? Does it want more money? Please be specific! > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >