Date: Thu, 2 Dec 1999 03:31:50 +0200 From: d e a t h <charon@hades.hell.gr> To: freebsd-questions@freebsd.org Subject: ipfilter & logging? Message-ID: <19991202033150.C3342@hades.hell.gr>
next in thread | raw e-mail | index | archive | help
[1. output of uname -a] FreeBSD hades.hell.gr 3.3-STABLE FreeBSD 3.3-STABLE #0: \ Wed Dec 1 04:59:37 EET 1999 \ root@hades.hell.gr:/usr/src/sys/compile/HADES i386 [2. problem report] Well, after using ipfw on 3.3-STABLE for quite some time, I decided to play around with ipfilter. So, I commented out all the ipfw lines in my kernel config, and added: options IPFILTER #kernel ipfilter support options IPFILTER_LOG #ipfilter logging options IPSTEALTH #support for stealth forwarding compiled, installed, changed rc.conf to firewall_enable="NO" (just to make sure than ipfw had no chance to mess with packets), and rebooted. The funny thing was that although ipfilter seemed to grok my rules, loader from a file with: % ipf -f ipf.rules and ipfstat showed they were all there, no logging was performed for those rules that contained the 'log' keyword. For instance I had a rule of block in log quick from any to any 12345 but a netcat to port 12345 from localhost did not show anything in the system logs. Changing back to `ipfw' works with logging though! Does logging in ipfilter work at all, or was it some silly thing I did? -- Giorgos Keramidas, <keramida@ceid.upatras.gr> "What we have to learn to do, we learn by doing." [Aristotle] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991202033150.C3342>