From owner-freebsd-hackers@FreeBSD.ORG  Tue Sep  7 14:26:08 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9F2A316A4E2
	for <freebsd-hackers@freebsd.org>;
	Tue,  7 Sep 2004 14:26:08 +0000 (GMT)
Received: from mailserv1.neuroflux.com (mailserv1.neuroflux.com
	[204.228.228.92])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 40B0B43D53
	for <freebsd-hackers@freebsd.org>;
	Tue,  7 Sep 2004 14:26:08 +0000 (GMT)
	(envelope-from ryans@gamersimpact.com)
Received: (qmail 51435 invoked by uid 89); 7 Sep 2004 14:32:14 -0000
Received: from unknown (HELO www2.neuroflux.com) (127.0.0.1)
  by localhost with SMTP; 7 Sep 2004 14:32:14 -0000
Received: from 208.4.77.15
        (SquirrelMail authenticated user ryans@gamersimpact.com)
        by www2.neuroflux.com with HTTP;
        Tue, 7 Sep 2004 08:32:14 -0600 (MDT)
Message-ID: <57396.208.4.77.15.1094567534.squirrel@www2.neuroflux.com>
Date: Tue, 7 Sep 2004 08:32:14 -0600 (MDT)
From: "Ryan Sommers" <ryans@gamersimpact.com>
To: freebsd-hackers@freebsd.org
User-Agent: SquirrelMail/1.4.2
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
Importance: Normal
Subject: IPFIREWALL_VERBOSE stopped logging?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2004 14:26:08 -0000

I'm trying to figure out why my firewall has stopped logging to
/var/log/security. The last entry was from Aug 17 and there has been at
least one restart and a few hundred thousand packets denied.

FreeBSD ***** 5.2.1-RELEASE-p8 FreeBSD 5.2.1-RELEASE-p8 #1: Thu Jul  1
18:24:26 CDT 2004     root@moleman:/usr/obj/usr/src/sys/MOLEMAN  i386

(root@node15):~:#ipfw list | tail -2
03000 deny log tcp from any to any in via xl0 setup
65535 deny ip from any to any

(root@node15):~:#sysctl net.inet.ip.fw
net.inet.ip.fw.enable: 1
net.inet.ip.fw.autoinc_step: 100
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.debug: 1
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.verbose_limit: 0
(truncated)

(root@node15):~:#grep security /etc/syslog.conf
security.*                                      /var/log/security

What am I missing?


-- 
Ryan "leadZERO" Sommers
Gamer's Impact President
ryans@gamersimpact.com
ICQ: 1019590
AIM/MSN: leadZERO

-= http://www.gamersimpact.com =-