From owner-freebsd-questions Mon Feb 19 8:47:53 2001 Delivered-To: freebsd-questions@freebsd.org Received: from trinity.lee.net (trinity.lee.net [208.229.121.1]) by hub.freebsd.org (Postfix) with ESMTP id 6FFEB37B401 for ; Mon, 19 Feb 2001 08:47:50 -0800 (PST) Received: from journalstar.com (leepcD-096.sub-d.lee.net [208.205.127.96]) by trinity.lee.net (8.9.3/8.9.3) with ESMTP id KAA21541; Mon, 19 Feb 2001 10:47:33 -0600 Message-ID: <3A914E07.DF2E62EF@journalstar.com> Date: Mon, 19 Feb 2001 10:47:03 -0600 From: Tony Wells X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.0.36 i386) X-Accept-Language: en MIME-Version: 1.0 To: cjclark@alum.mit.edu Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFirewall & syslogd References: <3A8D846F.8824EEB9@journalstar.com> <20010218001901.F62368@rfx-216-196-73-168.users.reflex> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I didn't add anything, I guess I assumed the default "security" line would catch it. Since it's a kernel thing and not a process, I'm not sure what I would put in syslogd to catch the messages. "Crist J. Clark" wrote: > > On Fri, Feb 16, 2001 at 01:50:07PM -0600, Tony Wells wrote: > > I'm having a problem getting ipfirewall to log via syslogd. > > > > I compiled the kernel with the three following options: > > > > options IPFIREWALL > > options IPFIREWALL_VERBOSE > > options IPFIREWALL_VERBOSE_LIMIT=10 > > > > I have a firewall rule that looks like this: > > > > deny tcp log from any to any setup > > > > Which deny's all the TCP connections not explicitly allowed. I hoped > > to be able to see if anyone is "rattling the doorknobs", but nothing > > gets logged to either /var/log/messages or /var/log/security if I try > > and connect to a blocked port. > > > > Does anyone have any ideas why "log" isn't getting logged via syslog? > > Did you put anything in /etc/syslog.conf to catch the messages? > -- > Crist J. Clark cjclark@alum.mit.edu > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message