Date: Mon, 5 May 2003 14:43:28 +0200 From: "Barry Irwin" <bvi@itouchlabs.com> To: "Mark Bojara" <mark@mics.co.za>, <freebsd-isp@freebsd.org> Subject: Re: default to deny rule Message-ID: <01bc01c31303$fa4680e0$4508a8c0@Beastie> References: <20030505142730.A322-100000@opium.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
The easiest, is to put in a rule just befroe it say 653500 deny log logamount <x> ip from any to any you could even break it down to log against separate rule numbers for tcp, udp, icmp, etc. withc a catchall at the end. Barry -- Barry Irwin bvi@itouchlabs.com Tel: +27214875178 Systems Administrator: Networks And Security iTouch Technology iTouch TAS http://www.itouchlabs.com Mobile: +27824457210 ----- Original Message ----- From: "Mark Bojara" <mark@mics.co.za> To: <freebsd-isp@freebsd.org> Sent: Monday, May 05, 2003 2:28 PM Subject: default to deny rule > Hello All, > > I have setup a default to deny ipfw rule and I would like that rule to log > all denied packets aswell. Eg change it to: "65535 deny log ip from any to any" > > How would I do this? > > Regards > Mark Bojara > > ---------------------------------------------------------------- > A life lived in fear is half a life lived. > ---------------------------------------------------------------- > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01bc01c31303$fa4680e0$4508a8c0>