From owner-freebsd-questions@FreeBSD.ORG  Tue Sep  9 08:57:10 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0FDA216A4BF
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Sep 2003 08:57:10 -0700 (PDT)
Received: from franklin-belle.com (adsl-65-68-247-73.dsl.crchtx.swbell.net
	[65.68.247.73])	by mx1.FreeBSD.org (Postfix) with ESMTP id 0CE8A43FF5
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Sep 2003 08:57:07 -0700 (PDT)
	(envelope-from jackstone@sage-one.net)
Received: from sagea (sagea.sage-american [10.0.0.3])
	by franklin-belle.com (8.12.8p1/8.12.8) with SMTP id h89FuolP052237;
	Tue, 9 Sep 2003 10:56:50 -0500 (CDT)
	(envelope-from jackstone@sage-one.net)
Message-Id: <3.0.5.32.20030909105703.013a70d8@sage-one.net>
X-Sender: jackstone@sage-one.net
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
Date: Tue, 09 Sep 2003 10:57:03 -0500
To: <chael@southgate.ph.inter.net>,
	"Wayne Pascoe" <freebsd-questions@penguinpowered.org>,
	<freebsd-questions@freebsd.org>
From: "Jack L. Stone" <jackstone@sage-one.net>
In-Reply-To: <001b01c376d8$b64f7520$490ea8cb@mrj>
References: <20030909113447.GB17219@marvin.penguinpowered.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Spam-Status: No, hits=-1.7 required=4.5
	tests=AWL,EMAIL_ATTRIBUTION,IN_REP_TO,REFERENCES,
	      REPLY_WITH_QUOTES
	version=2.55-fbelle.rules_v1
X-Spam-Checker-Version: SpamAssassin 2.55-fbelle.rules_v1
	(1.174.2.19-2003-05-19-exp)
Subject: Re: Logging and IPFW
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Sep 2003 15:57:10 -0000

At 09:46 PM 9.9.2003 +0800, chael@southgate.ph.inter.net wrote:
>
>just edit the rules concerned in rc.firewall to add the word "log" to rules
>you want logged.
>
>e.g. -- ${fwcmd} add pass log tcp from any to ${oip} 80 setup
>
>and tail the /var/log/security instead of messages.
>

...and, for its own ipfw log, put this in your syslog.conf,
!ipfw
*.*                                             /var/log/ipfw.log

and then touch the ipfw.log file in /var/log
and then restart syslogd
...then tail that file, or send yourself emails of the log....

Best regards,
Jack L. Stone,
Administrator

SageOne Net
http://www.sage-one.net
jackstone@sage-one.net