From owner-freebsd-questions@FreeBSD.ORG  Tue Sep  9 07:11:34 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4943F16A4BF
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Sep 2003 07:11:34 -0700 (PDT)
Received: from cimlogic.com.au (cimlog.lnk.telstra.net [139.130.51.31])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3748743FE1
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Sep 2003 07:11:31 -0700 (PDT)
	(envelope-from jb@cimlogic.com.au)
Received: from freebsd1.cimlogic.com.au (localhost [127.0.0.1])
	by cimlogic.com.au (8.12.9/8.12.9) with ESMTP id h89EDsbZ062157;
	Wed, 10 Sep 2003 00:13:54 +1000 (EST)
	(envelope-from jb@cimlogic.com.au)
Received: (from jb@localhost)
	by freebsd1.cimlogic.com.au (8.12.9/8.12.9/Submit) id h89EDqIg062156;
	Wed, 10 Sep 2003 00:13:52 +1000 (EST)
Date: Wed, 10 Sep 2003 00:13:52 +1000
From: John Birrell <jb@cimlogic.com.au>
To: Wayne Pascoe <freebsd-questions@penguinpowered.org>
Message-ID: <20030909141352.GE49415@freebsd1.cimlogic.com.au>
References: <20030909113447.GB17219@marvin.penguinpowered.org>
	<20030909114214.GC49415@freebsd1.cimlogic.com.au>
	<20030909122218.GA17321@marvin.penguinpowered.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20030909122218.GA17321@marvin.penguinpowered.org>
User-Agent: Mutt/1.4.1i
cc: freebsd-questions@freebsd.org
cc: John Birrell <jb@cimlogic.com.au>
Subject: Re: Logging and IPFW
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Sep 2003 14:11:34 -0000

On Tue, Sep 09, 2003 at 01:22:18PM +0100, Wayne Pascoe wrote:
> I tried changing the rc.firewall script so that the last line in the
> CLIENT section read
> ${fwcmd} add 65535 deny ip from any to any log
> but ipfw list still just showd
> 65535 deny ip from any to any log
> 
> where should that rule with the log go in the list ? Before the last
> line ? 
> 
> Should I add a rule before 65535 that logs things ? 

The first rule that matches is executed, so if you want it to log you have
to add 'log' to that line (and every other line you want to log). You will
soon find that logging can create huge files and that it is best use sparingly.

-- 
John Birrell