From owner-freebsd-questions@FreeBSD.ORG Tue Sep 9 04:39:49 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C180416A4BF for ; Tue, 9 Sep 2003 04:39:49 -0700 (PDT) Received: from cimlogic.com.au (cimlog.lnk.telstra.net [139.130.51.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9024043FF3 for ; Tue, 9 Sep 2003 04:39:46 -0700 (PDT) (envelope-from jb@cimlogic.com.au) Received: from freebsd1.cimlogic.com.au (localhost [127.0.0.1]) by cimlogic.com.au (8.12.9/8.12.9) with ESMTP id h89BgEbZ060666; Tue, 9 Sep 2003 21:42:14 +1000 (EST) (envelope-from jb@cimlogic.com.au) Received: (from jb@localhost) by freebsd1.cimlogic.com.au (8.12.9/8.12.9/Submit) id h89BgEG2060665; Tue, 9 Sep 2003 21:42:14 +1000 (EST) Date: Tue, 9 Sep 2003 21:42:14 +1000 From: John Birrell To: Wayne Pascoe Message-ID: <20030909114214.GC49415@freebsd1.cimlogic.com.au> References: <20030909113447.GB17219@marvin.penguinpowered.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030909113447.GB17219@marvin.penguinpowered.org> User-Agent: Mutt/1.4.1i cc: freebsd-questions@freebsd.org Subject: Re: Logging and IPFW X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 11:39:49 -0000 On Tue, Sep 09, 2003 at 12:34:47PM +0100, Wayne Pascoe wrote: > However, I am still not seeing anything in /var/log/messages when I > portscan the machine. The firewall appears to be working, as we receive > nothing back on the portscanning machine, but I would like logging > enabled. Have you added the 'log' keyword to your rules? e.g: # Reject&Log all setup of incoming connections from the outside ${fwcmd} add deny log tcp from any to any in via ${oif} setup The log entries will be written to /var/log/security. -- John Birrell