Date:      Fri, 22 Oct 1999 10:06:14 -0700 (PDT)
From:      daniel B <danielb@pacex.net>
To:        Doug Barton <Doug@gorean.org>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: ipfw dny ip from any to any
Message-ID:  <Pine.BSF.4.10.9910220959180.20681-100000@almazs.pacex.net>
In-Reply-To: <Pine.BSF.4.10.9910211342160.51282-100000@dt050n71.san.rr.com>

> > I want to log all denied packets in ipfw and I used
> > 	65534 add deny log all from any to any
> > this should 'bypass' the last rule
> > 	65535 deny all from any to any
> > 
> > but it doesn't! I still see denied packets on the last rule when I do 
> > 	ipfw sh
> > 
> > What to do now?
> 
> 	I bet that the amount of packets is always constant, right? Try
> doing 'ipfw -a l' once a day for a few days. The number should always be
> the same. This represents the number of packets that cross the interface
> before your firewall rules are loaded by the init process. 
> 
> 	If it turns out that the number does grow, then we have a bug
> somewhere and we need to track it down. 
> 
> Good luck,
Well NO LUCK yet! I also tried this:
$fwcmd add 65532 deny log tcp from any to any
$fwcmd add 65533 deny log udp from any to any
$fwcmd add 65534 deny log icmp from any to any

and the last rule by default is:

65535 deny all from any to any

and I still see denied packets logged under the last rule
I reloaded my firewall rules and even rebooted!
Huh!

Dan
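The check suggested earlier in the thread (take `ipfw -a l` once a day and see whether the counter on rule 65535 stays constant) can be automated. The script below is an added example and is not code from either poster; it works on saved snapshots of `ipfw -a list` output, whose lines are assumed to read rule number, packet count, byte count, then the rule text. The two snapshots embedded here are constructed sample data, not output from Dan's box.

```shell
#!/bin/sh
# Added example: compare two saved 'ipfw -a list' snapshots and report
# whether a given rule's packet counter moved between them.
# A constant counter on 65535 matches the "packets seen before the rule set
# was loaded at boot" explanation; a growing one means live traffic is still
# falling through to the default rule.

# Constructed sample snapshots (format assumed: rule pkts bytes action ...).
SNAP_DAY1='00100 12 1440 allow ip from any to any via lo0
65534 7 560 deny log ip from any to any
65535 42 3360 deny ip from any to any'

SNAP_DAY2='00100 30 3600 allow ip from any to any via lo0
65534 19 1520 deny log ip from any to any
65535 42 3360 deny ip from any to any'

# rule_pkts SNAPSHOT RULENUM: print the packet counter of one rule.
# Numeric comparison so a zero-padded "00100" still matches 100.
rule_pkts() {
    printf '%s\n' "$1" | awk -v r="$2" '$1 + 0 == r + 0 { print $2; exit }'
}

# counter_trend SNAP_BEFORE SNAP_AFTER RULENUM: print "constant" or "growing".
counter_trend() {
    before=$(rule_pkts "$1" "$3")
    after=$(rule_pkts "$2" "$3")
    if [ -z "$before" ] || [ -z "$after" ]; then
        echo "rule $3 not found in both snapshots" >&2
        return 1
    fi
    if [ "$after" -gt "$before" ]; then
        echo growing
    else
        echo constant
    fi
}

# Report on the two rules the thread cares about.
echo "rule 65534: $(counter_trend "$SNAP_DAY1" "$SNAP_DAY2" 65534)"
echo "rule 65535: $(counter_trend "$SNAP_DAY1" "$SNAP_DAY2" 65535)"
```

On a live system the snapshots would come from something like `ipfw -a list > /var/tmp/ipfw.$(date +%Y%m%d)` run daily, and the two files would be passed as `counter_trend "$(cat day1)" "$(cat day2)" 65535`. Note that `ipfw` resets counters on a rule flush, so only compare snapshots taken with the same loaded rule set.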


