From owner-freebsd-questions  Fri Feb 16 11:50:44 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from trinity.lee.net (trinity.lee.net [208.229.121.1])
	by hub.freebsd.org (Postfix) with ESMTP id 4E9E037B401
	for <freebsd-questions@FreeBSD.ORG>; Fri, 16 Feb 2001 11:50:42 -0800 (PST)
Received: from journalstar.com (leepcD-096.sub-d.lee.net [208.205.127.96])
	by trinity.lee.net (8.9.3/8.9.3) with ESMTP id NAA06760
	for <freebsd-questions@FreeBSD.ORG>; Fri, 16 Feb 2001 13:50:38 -0600
Message-ID: <3A8D846F.8824EEB9@journalstar.com>
Date: Fri, 16 Feb 2001 13:50:07 -0600
From: Tony Wells <awells@journalstar.com>
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.0.36 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: freebsd-questions@FreeBSD.ORG
Subject: IPFirewall & syslogd
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I'm having a problem getting ipfirewall to log via syslogd.

I compiled the kernel with the three following options:

options IPFIREWALL
options	IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10

I have a firewall rule that looks like this:

deny tcp log from any to any setup

Which deny's all the TCP connections not explicitly allowed.  I hoped
to be able to see if anyone is "rattling the doorknobs", but nothing
gets logged to either /var/log/messages or /var/log/security if I try
and connect to a blocked port.

Does anyone have any ideas why "log" isn't getting logged via syslog?

TIA,
Tony Wells


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message