Date:      Thu, 2 Dec 1999 03:31:50 +0200
From:      d e a t h <charon@hades.hell.gr>
To:        freebsd-questions@freebsd.org
Subject:   ipfilter & logging?
Message-ID:  <19991202033150.C3342@hades.hell.gr>

[1. output of uname -a]

FreeBSD hades.hell.gr 3.3-STABLE FreeBSD 3.3-STABLE #0: \
  Wed Dec  1 04:59:37 EET 1999 \
  root@hades.hell.gr:/usr/src/sys/compile/HADES  i386

[2. problem report]

Well, after using ipfw on 3.3-STABLE for quite some time, I decided to
play around with ipfilter.  So, I commented out all the ipfw lines in
my kernel config, and added:

    options         IPFILTER                #kernel ipfilter support
    options         IPFILTER_LOG            #ipfilter logging
    options         IPSTEALTH               #support for stealth forwarding

compiled, installed, changed rc.conf to firewall_enable="NO" (just to
make sure that ipfw had no chance to mess with packets), and rebooted.

The funny thing was that although ipfilter seemed to grok my rules,
loaded from a file with:

    % ipf -f ipf.rules

and ipfstat showed they were all there, no logging was performed for
those rules that contained the 'log' keyword.  For instance I had a
rule of

    block in log quick from any to any 12345

but a netcat to port 12345 from localhost did not show anything in the
system logs.  Changing back to `ipfw' works with logging though!

Does logging in ipfilter work at all, or was it some silly thing I did?

-- 
Giorgos Keramidas, <keramida@ceid.upatras.gr>
"What we have to learn to do, we learn by doing." [Aristotle]

