From owner-freebsd-security  Tue Jul 25 19:23:19 2000
Delivered-To: freebsd-security@freebsd.org
Received: from snafu.adept.org (adsl-63-201-63-44.dsl.snfc21.pacbell.net [63.201.63.44])
	by hub.freebsd.org (Postfix) with ESMTP id 8EEDE37BD98
	for <freebsd-security@FreeBSD.ORG>; Tue, 25 Jul 2000 19:23:16 -0700 (PDT)
	(envelope-from mike@adept.org)
Received: by snafu.adept.org (Postfix, from userid 1000)
	id 6CA069EE01; Tue, 25 Jul 2000 19:22:48 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by snafu.adept.org (Postfix) with ESMTP
	id 697909B001; Tue, 25 Jul 2000 19:22:48 -0700 (PDT)
Date: Tue, 25 Jul 2000 19:22:48 -0700 (PDT)
From: Mike Hoskins <mike@adept.org>
To: Stephen Montgomery-Smith <stephen@math.missouri.edu>
Cc: Andrew Johns <johnsa@kpi.com.au>, freebsd-security@FreeBSD.ORG
Subject: Re: log with dynamic firewall rules
In-Reply-To: <397E48D1.DEC661C5@math.missouri.edu>
Message-ID: <Pine.BSF.4.21.0007251919050.28786-100000@snafu.adept.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 25 Jul 2000, Stephen Montgomery-Smith wrote:

> Now it seems to me that what should happen is this:  When
> someone ssh's into my.computer I should see in the log file
> ipfw: 600 Accept TCP 66.77.88.99:1000 12.34.56.78:22 in via rl0

You have a good point...  It should be possible to configure a rule to log
either way...  Continuouslly (perhaps, make this the default behavior) or
setup only (via some flag).

-mrh



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message