Date: Wed, 13 Oct 2010 23:49:51 +0200 From: Luigi Rizzo <rizzo@iet.unipi.it> To: Kevin Oberman <oberman@es.net> Cc: Marcin <nickson@interia.pl>, freebsd-stable@freebsd.org, Jeremy Chadwick <freebsd@jdc.parodius.com> Subject: Re: Problem with security log Message-ID: <20101013214951.GA17025@onelab2.iet.unipi.it> In-Reply-To: <20101013204324.43E941CC3E@ptavv.es.net> References: <AANLkTin9MZpQniOogFhQFUKGRtgyk9xv7afrfWrDu_Me@mail.gmail.com> <20101013204324.43E941CC3E@ptavv.es.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 13, 2010 at 01:43:24PM -0700, Kevin Oberman wrote: ... > > > It sounds like the only way to solve this issue is to improve/fix the > > > msgbuf code. Alternatively, you could consider moving from ipfw to > > > pf(4) and use pflog(4) / pflogd(8). > > > > or you can use the log option of ipfw and run tcpdump on the "ipfw0" > > pseudo interface > > which will give you all the traffic that matches a 'log' rule (there > > is a sysctl variable that > > controls whether log goes to syslog or to the ipfw pseudo interface) > > Is the any real documentation on the ipfw0 device and how to use it? I > can see it as being very handy. documentation ? what's that :) thanks for the reminder, just committed some text to ipfw.8 in HEAD to document the feature. cheers luigi > R. Kevin Oberman, Network Engineer > Energy Sciences Network (ESnet) > Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) > E-mail: oberman@es.net Phone: +1 510 486-8634 > Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101013214951.GA17025>