Date: Sat, 7 Apr 2001 12:31:20 -0700 From: Sean Chittenden <sean-freebsd-ipfw@chittenden.org> To: michal.kutnohorsky@asp1000.com Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw logging isnt enable during booting Message-ID: <20010407123120.B85113@rand.tgd.net> In-Reply-To: <381F2A6B1CC4C449B19CA48BA7A2A87B0E1DB8@server.asp1000.cz>; from "michal.kutnohorsky@asp1000.com" on Fri, Apr 06, 2001 at = 11:38:03AM References: <381F2A6B1CC4C449B19CA48BA7A2A87B0E1DB8@server.asp1000.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
--m51xatjYGsM+13rf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > after rebooting system i found this in dmesg > ip packet filtering initialized, divert enabled, rule-base forwarding > disabled, defalut to deny, logging disabled. >=20 > and on console it wrote error message: "ipfw_ctl bad command" - or someth= ig > like this Hmm.... sounds like a type-o in your /etc/rc.firewall. > firwall is working natd too >=20 > but as you can see logging is disabled but shoud be enable if the kernel = is > recompiled with IPFIREWALL_VERBOSE options IPFIREWALL # firewall options IPFIREWALL_VERBOSE # print info about dropped packets options IPFIREWALL_VERBOSE_LIMIT=3D1000 > when i enable logging by command net.inet.ip.fw.verbose=3D1 its working >=20 > should i use some patch or its fault of configuration? Configuration. Here are some entries out of /etc/defaults/rc.conf. Try firewall_logging=3D"YES" and rebooting. ### Basic network and firewall/security options: ### firewall_enable=3D"NO" # Set to YES to enable firewall functiona= lity firewall_script=3D"/etc/rc.firewall" # Which script to run to set up the fi= rewall firewall_type=3D"UNKNOWN" # Firewall type (see /etc/rc.firewall) firewall_quiet=3D"NO" # Set to YES to suppress rule display firewall_logging=3D"NO" # Set to YES to enable events logging firewall_flags=3D"" # Flags passed to ipfw when type is a file --=20 Sean Chittenden --m51xatjYGsM+13rf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: Sean Chittenden <sean@chittenden.org> iEYEARECAAYFAjrPawgACgkQn09c7x7d+q2yTwCfXk9OCkD16ZeysBkzm08UYVS4 KpQAn2h6XOPPZEA4ubSPFCYZDi1rFiiT =gpfT -----END PGP SIGNATURE----- --m51xatjYGsM+13rf-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010407123120.B85113>