Date: Fri, 27 Jun 1997 07:47:07 -0700 (PDT)
From: "Jonathan M. Bresler" <jmb>
To: nathan@senate.org (Nathan Dorfman)
Cc: freebsd-security@freebsd.org
Subject: Re: ICMP Logging
Message-ID: <199706271447.HAA24410@hub.freebsd.org>
In-Reply-To: <199706271343.JAA04122@limbo.senate.org> from "Nathan Dorfman" at Jun 27, 97 09:43:05 am

Nathan Dorfman wrote:
>
> Is there a way for the kernel to syslog(3) all ICMP messages? This would serve
> two purposes; a) as I have all syslog messages directed to an unused vty I
> could observe such DoS attacks in progress and b) if they are stored in the
> log files I could use the logs in case the matter needed to be pursued further.

use the "log" option in ipfw for icmp packets
for instance:
	ipfw add <rule#> allow log icmp from any to any

don't forget the default rule:
	65535 deny all from any to any
so allow any traffic you want, even if it's all traffic
	ipfw add <rule#> allow all from any to any

>
> If this is not a part of the current kernel, it would (IMO) be a very good
> addition to -current and -stable. If you *are* planning on adding it soon,
> please let me know and I'll hold off my upgrade (I'm currently running
> 2.2.1-RELEASE and wanted to upgrade to -stable).
>

ipfw has been in the source tree since 94.10.28

jmb
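
Added example, not part of the original message: a small sh/awk tally of the ICMP entries that a rule such as `ipfw add <rule#> allow log icmp from any to any` writes to syslog, grouped by source, covering both uses the question names (watching a flood as it happens, keeping a summary for follow-up). The log line layout (`ipfw: <rule#> <action> ICMP:<type>.<code> <src> <dst> ...`), the function names and the sample lines are assumptions; check the layout against what your release actually logs.

```shell
#!/bin/sh
# Assumed syslog layout of an ipfw "log" match (verify on your system):
#   <timestamp> <host> kernel: ipfw: <rule#> <action> ICMP:<type>.<code> <src> <dst> <dir> via <if>

# Constructed sample input (documentation address ranges, not real traffic).
sample_log() {
cat <<'EOF'
Jun 27 07:40:01 fw kernel: ipfw: 1000 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via ed0
Jun 27 07:40:01 fw kernel: ipfw: 1000 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via ed0
Jun 27 07:40:02 fw kernel: ipfw: 1000 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via ed0
Jun 27 07:40:02 fw sendmail[212]: HAA00212: from=<a@example.org>, size=512
Jun 27 07:40:03 fw kernel: ipfw: 2000 Accept TCP 192.0.2.10:1025 198.51.100.1:25 in via ed0
Jun 27 07:40:03 fw kernel: ipfw: 1000 Accept ICMP:3.3 203.0.113.5 198.51.100.1 in via ed0
Jun 27 07:40:04 fw kernel: ipfw: 1000 Accept ICMP:8.0 192.0.2.10 198.51.100.1 in via ed0
EOF
}

# icmp_by_source: syslog on stdin -> "<count> <src> <type>.<code>", busiest first.
icmp_by_source() {
    awk '
    {
        # Locate the "ipfw:" tag so a differing timestamp/host prefix does not matter.
        for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
        if (i > NF) next                 # not an ipfw log line
        proto = $(i + 3)
        if (proto !~ /^ICMP:/) next      # logged, but not ICMP
        sub(/^ICMP:/, "", proto)
        n[$(i + 4) " " proto]++          # key: source address + type.code
    }
    END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2
}

# icmp_flood_sources N: sources with at least N logged ICMP packets in the input.
icmp_flood_sources() {
    icmp_by_source |
        awk -v t="$1" '{ s[$2] += $1 } END { for (k in s) if (s[k] >= t) print k }' |
        sort
}

# Stand-alone run on the constructed sample.
sample_log | icmp_by_source
```

Because the tally only sees packets that matched a rule carrying `log`, an ICMP rule placed after an earlier non-logging match for the same traffic will undercount.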