From owner-freebsd-questions Fri Oct 22 10:06:25 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from almazs.pacex.net (almazs.pacex.net [204.1.219.156]) by hub.freebsd.org (Postfix) with ESMTP id CDAD114C26 for ; Fri, 22 Oct 1999 10:06:15 -0700 (PDT) (envelope-from danielb@almazs.pacex.net)
Received: from localhost (danielb@localhost) by almazs.pacex.net (8.9.3/8.9.3) with ESMTP id KAA20705; Fri, 22 Oct 1999 10:06:14 -0700 (PDT)
Date: Fri, 22 Oct 1999 10:06:14 -0700 (PDT)
From: daniel B
To: Doug Barton
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: ipfw dny ip from any to any
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > I want to log all denied packets in ipfw and I used
> > 65534 add deny log all from any to any
> > this should 'bypass' the last rule
> > 65535 deny all from any to any
> >
> > but it doesn't! I still see denied packets on the last rule when I do
> > ipfw sh
> >
> > What to do now?
>
> I bet that the amount of packets is always constant, right? Try
> doing 'ipfw -a l' once a day for a few days. The number should always be
> the same. This represents the number of packets that cross the interface
> before your firewall rules are loaded by the init process.
>
> If it turns out that the number does grow, then we have a bug
> somewhere and we need to track it down.
>
> Good luck,

Well NO LUCK yet! I also tried this:

$fwcmd add 65532 deny log tcp from any to any
$fwcmd add 65533 deny log udp from any to any
$fwcmd add 65534 deny log icmp from any to any

and the last rule by default is:

65535 deny all from any to any

and I still see denied packets logged under the last rule. I reloaded my firewall rules and even rebooted! Huh!

Dan

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
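Doug's suggestion above is to take `ipfw -a l` snapshots on successive days and check whether the packet counter on the default rule 65535 stays constant (packets seen before the rules were loaded) or keeps growing (traffic actually reaching the default rule, which logs nothing). The script below is an added example, not code from the thread or from FreeBSD; it parses counter listings in the shape `ipfw -a list` prints (rule number, packets, bytes, rule body) and reports which rules' counters moved between two snapshots, flagging any `deny` rule without `log` whose counter grew. The three snapshots are constructed sample data with made-up counters, and the column layout is assumed from the classic `ipfw -a list` format.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample snapshots in the shape of `ipfw -a list` output:
# <rule number> <packets> <bytes> <rule body>. Counters are invented.
SNAPSHOT_DAY1 = """\
00100      10      840 allow ip from any to any via lo0
65532       0        0 deny log tcp from any to any
65533       0        0 deny log udp from any to any
65534       0        0 deny log icmp from any to any
65535      37     2960 deny ip from any to any
"""

# Day 2: the default rule 65535 is unchanged, as Doug predicts for a healthy setup.
SNAPSHOT_DAY2 = """\
00100      55     4620 allow ip from any to any via lo0
65532       3      180 deny log tcp from any to any
65533       0        0 deny log udp from any to any
65534       0        0 deny log icmp from any to any
65535      37     2960 deny ip from any to any
"""

# Day 3: constructed to show the problem case, where 65535 keeps counting.
SNAPSHOT_DAY3 = """\
00100      90     7560 allow ip from any to any via lo0
65532       3      180 deny log tcp from any to any
65533       1       60 deny log udp from any to any
65534       0        0 deny log icmp from any to any
65535      41     3280 deny ip from any to any
"""

# rule number, packet count, byte count, then the rest of the line as the rule body
LINE_RE = re.compile(r"^\s*(\d+)\s+(\d+)\s+(\d+)\s+(.*\S)\s*$")

Rules = Dict[int, Tuple[int, int, str]]


def parse_ipfw_list(text: str) -> Rules:
    """Map rule number -> (packets, bytes, rule body); lines that do not fit are skipped."""
    rules: Rules = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        num, pkts, byts, body = m.groups()
        rules[int(num)] = (int(pkts), int(byts), body)
    return rules


def counter_growth(before: Rules, after: Rules) -> Dict[int, int]:
    """Packet-counter delta per rule, for rules present in both snapshots whose count changed.
    A negative delta means the counter was reset between snapshots."""
    growth: Dict[int, int] = {}
    for num, (pkts_after, _, _) in after.items():
        if num in before:
            delta = pkts_after - before[num][0]
            if delta != 0:
                growth[num] = delta
    return growth


def default_rule_is_static(before: Rules, after: Rules, default_rule: int = 65535) -> bool:
    """True when the default rule's packet count did not move, i.e. nothing new reached it."""
    return before[default_rule][0] == after[default_rule][0]


def growing_unlogged_denies(before: Rules, after: Rules) -> List[int]:
    """Deny rules without the 'log' keyword whose counter grew: traffic dropped without a log line."""
    growth = counter_growth(before, after)
    return sorted(
        num
        for num, delta in growth.items()
        if delta > 0
        and after[num][2].startswith("deny")
        and " log " not in f" {after[num][2]} "
    )


if __name__ == "__main__":
    d1, d2, d3 = (parse_ipfw_list(s) for s in (SNAPSHOT_DAY1, SNAPSHOT_DAY2, SNAPSHOT_DAY3))
    print("day1->day2 growth:", counter_growth(d1, d2))
    print("default rule static day1->day2:", default_rule_is_static(d1, d2))
    print("silently dropping rules day2->day3:", growing_unlogged_denies(d2, d3))
```

To use it against a real box, save `ipfw -a list` output to a file each day and feed the file contents to `parse_ipfw_list` in place of the constructed strings; a non-empty result from `growing_unlogged_denies` between two snapshots is exactly the "number does grow" case Doug says would need tracking down.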