From owner-freebsd-questions  Fri Jul  7 10:59:33 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from moffetimages.com (alar.scruz.predictive.com [207.251.1.130])
	by hub.freebsd.org (Postfix) with ESMTP id C7B4737BED1
	for <freebsd-questions@freebsd.org>; Fri,  7 Jul 2000 10:59:23 -0700 (PDT)
	(envelope-from brianm@moffetimages.com)
Received: (from brianm@localhost)
	by moffetimages.com (8.9.3/8.9.3) id LAA00413
	for freebsd-questions@freebsd.org; Fri, 7 Jul 2000 11:03:12 -0700 (PDT)
	(envelope-from brianm)
Date: Fri, 7 Jul 2000 11:03:12 -0700 (PDT)
From: "Brian D. Moffet" <brianm@moffetimages.com>
Message-Id: <200007071803.LAA00413@moffetimages.com>
To: freebsd-questions@freebsd.org
Subject: ipfw
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


How do I configure ipfw to log all connections to a NIC on my machine?
So I want to log the connections from the outside NIC to my machine.

I don't want all packets, just the connections.   I have

options		IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #print information about
					# dropped packets
options         IPFIREWALL_FORWARD      #enable transparent proxy support
options		"IPFIREWALL_VERBOSE_LIMIT=10" #limit verbosity
options		IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
options		IPDIVERT		#divert sockets

as my configuration options, per the syslog.conf man page, (just a guess)
I also have

!ipfw
*.*						/var/log/ipfw.log

Do I have to use TCP filters to do this?

Any advice appreciated.

Thanks
Brian Moffet


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message