From owner-freebsd-ipfw@FreeBSD.ORG Sun Mar 7 06:05:21 2004
From: "Uwe Kolsch"
Date: Sun, 7 Mar 2004 14:05:18 -0000
Message-ID: <00f001c4044d$395e22c0$cc06a8c0@wax.local>
In-Reply-To: <20040307051411.B74559@xorpc.icir.org>
Subject: RE: logging and dynamic rules
List-Id: IPFW Technical Discussions

Thanks Luigi

-----Original Message-----
From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Luigi Rizzo
Sent: 07 March 2004 13:14
To: Uwe Kolsch
Cc: freebsd-ipfw@freebsd.org
Subject: Re: logging and dynamic rules

On Sun, Mar 07, 2004 at 01:02:04PM -0000, Uwe Kolsch wrote:
> Hi,
>
> I've set up ipfw2 on 5.2.1 as follows.
>
> add 1000 check-state
> #allow ssh traffic from any to any
> add 2022 allow log tcp from any to any 22 in setup keep-state
>
> This results in every packet of any ssh connection getting logged, not
> really what I want. I would like to get only the initiation of a ssh
> connection into the logfile. Without dynamic rules I would just deal

I guess your best option is to do this:

    add 2022 count log tcp from any to any 22 in setup
    add 2022 allow tcp from any to any 22 in setup keep-state

cheers
luigi

> with packages of an established connection without logging, but log
> any request to port 22. Is there any way to achieve this with dynamic
> rules too?
>
> Thanks,
>
> Hans Hunger
> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to
> "freebsd-ipfw-unsubscribe@freebsd.org"
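
Added example, not part of the original thread and not FreeBSD code: a toy Python model of the two rulesets discussed above, run over one constructed ssh session, showing why moving "log" onto a separate "count" rule leaves only the connection setup in the log. It assumes that a packet matching a dynamic rule executes the parent rule's action part, "log" included, which is the behaviour the original poster reports; the addresses, packet list and function names are made up for the illustration.

```python
# Toy model of ipfw2 rule evaluation: added example, not FreeBSD code.
# Assumption: a packet that hits a dynamic rule runs the parent rule's
# action part, "log" included (this reproduces what the poster reports).
CLIENT, SERVER = ("192.0.2.10", 40000), ("198.51.100.5", 22)  # constructed

def pkt(direction, *flags):
    src, dst = (CLIENT, SERVER) if direction == "in" else (SERVER, CLIENT)
    return {"dir": direction, "src": src, "dst": dst, "flags": set(flags)}

def matches(rule, p):
    # Body shared by every rule 2022 above: "tcp from any to any 22 in setup"
    setup = "SYN" in p["flags"] and "ACK" not in p["flags"]
    return p["dir"] == "in" and p["dst"][1] == rule["dport"] and setup

def logged_packets(rules, packets):
    """Return the indexes of the packets that would produce a log entry."""
    states = {}   # flow -> parent rule of the dynamic rule created for it
    logged = []
    for n, p in enumerate(packets):
        flow = frozenset([p["src"], p["dst"]])   # dynamic rules are bidirectional
        for rule in rules:
            if rule["action"] == "check-state":
                hit = states.get(flow)
                if hit is None:
                    continue                     # no dynamic rule: keep scanning
            elif matches(rule, p):
                hit = rule
                if rule.get("keep_state"):
                    states[flow] = rule          # install the dynamic rule
            else:
                continue
            if hit.get("log"):
                logged.append(n)
            if hit["action"] != "count":
                break                            # "allow" ends the search
    return logged

CHECK = {"num": 1000, "action": "check-state"}
ORIGINAL = [CHECK, {"num": 2022, "action": "allow", "log": True,
                    "dport": 22, "keep_state": True}]
SUGGESTED = [CHECK, {"num": 2022, "action": "count", "log": True, "dport": 22},
             {"num": 2022, "action": "allow", "dport": 22, "keep_state": True}]

# Constructed session: handshake, data in both directions, teardown.
SESSION = [pkt("in", "SYN"), pkt("out", "SYN", "ACK"), pkt("in", "ACK"),
           pkt("in", "ACK", "PSH"), pkt("out", "ACK", "PSH"), pkt("in", "FIN", "ACK")]

if __name__ == "__main__":
    print("original :", logged_packets(ORIGINAL, SESSION))
    print("suggested:", logged_packets(SUGGESTED, SESSION))
```

In the model, the original ruleset logs all six packets because the dynamic rule's parent carries "log", while the suggested ruleset logs only the first SYN: every later packet is accepted at check-state by a parent rule that has no "log".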