Date: Fri, 22 Feb 2002 03:00:25 -0800 From: "Crist J. Clark" <cjc@FreeBSD.ORG> To: Simon J Mudd <sjmudd@pobox.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ipfw and getting the interface logged Message-ID: <20020222030025.M48401@blossom.cjclark.org> In-Reply-To: <861yfen1tv.fsf@unicorn.ea4els.ampr.org>; from sjmudd@pobox.com on Thu, Feb 21, 2002 at 07:10:04PM %2B0100 References: <Pine.LNX.4.44.0202211714050.30303-100000@phoenix.ea4els.ampr.org> <861yfen1tv.fsf@unicorn.ea4els.ampr.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 21, 2002 at 07:10:04PM +0100, Simon J Mudd wrote:
> sjmudd@pobox.com (Simon J Mudd) writes:
>
> > Feb 21 16:13:56 unicorn /kernel: Connection attempt to TCP 44.133.228.2:6000 from 44.133.228.5:2187
> > Feb 21 16:13:57 unicorn /kernel: Connection attempt to TCP 44.133.228.2:6000 from 44.133.228.5:2188
>
> Typical "not reading the manual" shows me that this is in
> /var/log/messages and in fact the ipfw logging is working in
> /var/log/security
>
> I'm just surprised that the firewall_log_in_vain sysctl doesn't
> produce the output in the same file as the ipfw output. Perhaps it
> would make sense to duplicate this.
That actually may be a good idea. log_in_vain is presently logged to
the 'kern' facility which is why it ends up in messages and not
security. You can change your syslog.conf so they go there.
I think I'll propose changing log_in_vain to use the 'security'
facility.
> Now I can see what's going on I can probably find the problem with my
> rules.
Like I said a number of times, ;) there is no problem with your
firewall rules. Your X server is not listening.
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020222030025.M48401>