Date: Tue, 26 Oct 2004 07:20:46 +0400 From: Sergey Zaharchenko <doublef@tele-kom.ru> To: Spades <spades@galaxynet.org> Cc: freebsd-questions@freebsd.org Subject: Re: ipfw flooding in /var/log/ipfw.log Message-ID: <20041026032046.GA475@shark.localdomain> In-Reply-To: <064801c4ba99$169fcab0$0300a8c0@astral> References: <057501c4ba7d$d65a7fb0$0300a8c0@astral> <20041025133443.GA6371@shark.localdomain> <064801c4ba99$169fcab0$0300a8c0@astral>
next in thread | previous in thread | raw e-mail | index | archive | help
--SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 25, 2004 at 09:46:53PM +0800, Spades probably wrote: > error: >=20 > # ipfw add 900 allow log all from any to any setup > ipfw: unknown argument ``setup'' >=20 Sorry, `setup' only works with the TCP packets (I missed you used `all' there). `ipfw add 900 allow log tcp from any to any setup' should work. You can't use this with not-connection-oriented protocols, like UDP, and you'll probably have to either add the additional 'allow log udp from any to any' (which will nag you every time the machine does a DNS lookup) or just not log the UDP packets. --=20 DoubleF Talkers are no good doers. -- William Shakespeare, "Henry VI" --SLDf9lqlvOQaIe6s Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFBfcKNwo7hT/9lVdwRAqdSAJ4vS11IcDOuichIQ7cU8A5fKX1lJACdEo38 z/+/E/dKzuLE2q/yjq0YMGg= =WTHA -----END PGP SIGNATURE----- --SLDf9lqlvOQaIe6s--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041026032046.GA475>