From owner-freebsd-stable@FreeBSD.ORG  Sat Nov  1 22:22:38 2003
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BF8F016A4CE
	for <freebsd-stable@freebsd.org>;
	Sat,  1 Nov 2003 22:22:38 -0800 (PST)
Received: from smtp3.eunet.yu (smtp3.eunet.yu [194.247.192.243])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 23F4843FAF
	for <freebsd-stable@freebsd.org>;
	Sat,  1 Nov 2003 22:22:37 -0800 (PST)	(envelope-from kolicz@eunet.yu)
Received: from smtp3.EUnet.yu (root@localhost)
	by smtp3.eunet.yu (8.12.10/8.12.10) with SMTP id hA26MZ7G013344
	for <freebsd-stable@freebsd.org>; Sun, 2 Nov 2003 07:22:35 +0100
Received: from localhost.my.domain (P-2.125.EUnet.yu [213.240.2.125])
	by smtp3.eunet.yu (8.12.10/8.12.10) with ESMTP id hA26MXd8013315
	for <freebsd-stable@freebsd.org>; Sun, 2 Nov 2003 07:22:34 +0100
Received: from localhost.my.domain (localhost [127.0.0.1])
	by localhost.my.domain (8.12.9/8.12.9) with ESMTP id hA26MKij000735
	for <freebsd-stable@freebsd.org>; Sun, 2 Nov 2003 07:22:23 +0100 (CET)
	(envelope-from kolicz@eunet.yu)
Received: (from zoran@localhost)
	by localhost.my.domain (8.12.9/8.12.9/Submit) id hA26Bs4g000573
	for freebsd-stable@freebsd.org; Sun, 2 Nov 2003 07:11:54 +0100 (CET)
	(envelope-from kolicz@eunet.yu)
X-Authentication-Warning: localhost.my.domain: zoran set sender to
	kolicz@eunet.yu using -f
Date: Sun, 2 Nov 2003 07:11:54 +0100
From: Zoran Kolic <kolicz@eunet.yu>
To: freebsd-stable@freebsd.org
Message-ID: <20031102061154.GA539@>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: ipfw2 logging
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Nov 2003 06:22:38 -0000


Dear list!
I have a little problem, trying
to enable logging of deny rule.
I have enabled it via kernel:

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=3

It is ipfw2. After that, my inten-
tion was to use syslogd and

!ipfw
*.*       /var/log/ipfw.log

and newsyslog with

/var/log/ipfw.log  600 3 100   *   J

In rc.conf I have

firewall_enable="YES"
firewall_logging="YES"

Well! Firewall works, I have data
with "ipfw show", but there is no
log. My intentioned rule is

add 65535 deny log all from any to any

It should work, but is does not.
What I am doing wrong?
With no syslogd and newsyslog, log
would be in "messages" file in
/var/log directory?

                   ZK