Date: Fri, 6 Sep 1996 09:13:35 -0500 From: Hal Snyder <hal@post.vale.com> To: Hal Snyder <hal@post.vale.com>, "'Nadav Eiron'" <nadav@barcode.co.il> Cc: "'Nash, Alex'" <nash@mcs.com>, "'questions@freebsd.org'" <questions@freebsd.org> Subject: RE: catching a ping/ipfw/ipfilter Message-ID: <01BB9BD3.B49048A0@jaguar>
next in thread | raw e-mail | index | archive | help
Nadav Eiron wrote:
> > For syslogging, you could enable IPFIREWALL and use the likes of
> > ipfw add accept log icmp from any to ${my_ip} icmptypes 0,8
> Better than ipfw, you can use IPfilter (I think it's in the ports, and if
> not, you can use the standard version, it has instructions for compiling
> on FreeBSD, at least for 2.1.0). Unlike ipfw it knows about ICMP types so
> you can log/block just ICMP echos.
That's precisely what the *icmptypes* arg is for in the ipfw line above.
Haven't used ipfilter - though I noticed a lengthy thread a few weeks ago
about ipfilter vs. ipfw. It turned into yet another holy war toward the end.
I know that ipfw is significantly improved in 2.1.5 over the 2.1.0 version,
including allowing rules applicable to selected ICMP packet types. I use it
because I know how to get it to work for me, and am quite happy with the
results.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BB9BD3.B49048A0>