From owner-freebsd-questions@FreeBSD.ORG Tue Apr 1 12:21:37 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD9B337B401 for ; Tue, 1 Apr 2003 12:21:37 -0800 (PST) Received: from devil.stderror.at (at00d01-adsl-194-118-044-149.nextranet.at [194.118.44.149]) by mx1.FreeBSD.org (Postfix) with ESMTP id 330F743F3F for ; Tue, 1 Apr 2003 12:21:36 -0800 (PST) (envelope-from pinhead@stderror.at) Received: by devil.stderror.at (Postfix, from userid 1000) id 847EE171EF; Tue, 1 Apr 2003 22:21:32 +0200 (CEST) Date: Tue, 1 Apr 2003 22:21:32 +0200 From: Toni Schmidbauer To: freebsd-questions@freebsd.org Message-ID: <20030401202132.GG10095@devil.stderror.at> Mail-Followup-To: freebsd-questions@freebsd.org References: <20030401142651.55283003.asenchi@asenchi.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="TBNym+cBXeFsS4Vs" Content-Disposition: inline In-Reply-To: <20030401142651.55283003.asenchi@asenchi.com> User-Agent: Mutt/1.4.1i Subject: Re: logging websites visited X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: toni@stderror.at List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2003 20:21:38 -0000 --TBNym+cBXeFsS4Vs Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 01, 2003 at 02:26:51PM -0500, Asenchi wrote: >=20 > I have a been googling and reading for about 3-4 weeks on this, and can't= seem to find the answer to. How do I log internet connections through my = firewall. I am running IPFW with Natd and I want to log who is going to wh= at site. Is there a way to do this? (I know, of course there is, ITS BSD!) see man ipfw(5): log [logamount number] When a packet matches a rule with the log keyword, a message will be logged to syslogd(8) with a LOG_SECURITY facility. The logging only occurs if the sysctl variable net.inet.ip.fw.verbose is set to 1 (which is the default when the kernel is compiled with IPFIREWALL_VERBOSE ) and the number of packets logged so far for that particular rule does not exceed ther logamount parameter. If no logamount is specified, the limit is taken from the sysctl variable net.inet.ip.fw.verbose_limit. In both cases, a value of 0 removes the logging limit. toni --=20 Behandle die Menschen, als w=E4ren sie, was sie sein | toni@stderror.at sollten, und du wirst ihnen helfen, zu werden, was | Toni Schmidbauer sie sein k=F6nnen. - Johann Wolfgang von Goethe | --TBNym+cBXeFsS4Vs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+ifTLu/mjSj7RMocRApvNAJ9m3DC6Fpk3FAz4ZwgsTcXGAE3UeQCfQ/kX jLE4S2bBXcasEoIOGQOYVb4= =v6Yl -----END PGP SIGNATURE----- --TBNym+cBXeFsS4Vs--