Date:      Tue, 9 Sep 2003 12:34:47 +0100
From:      Wayne Pascoe <freebsd-questions@penguinpowered.org>
To:        freebsd-questions@freebsd.org
Subject:   Logging and IPFW
Message-ID:  <20030909113447.GB17219@marvin.penguinpowered.org>

Hi all,

We're moving from ipfilter to ipfw. Since we no longer run multiple
platforms, the benefits that we used to derive from ipfilter are
declining. Add to this the problems we've had when running it as a
module on 5.x (as opposed to compiled into the kernel), and we've
decided to move to ipfw. 

I'm trying to set up logging with IPFW. I've not compiled IPFW into my
kernel, but am instead using the ipfw.ko module.

I have the following sysctl variables set:
net.inet.ip.fw.verbose=1
net.inet.tcp.log_in_vain=1
net.inet.udp.log_in_vain=1

However, I am still not seeing anything in /var/log/messages when I
portscan the machine. The firewall appears to be working, as we receive
nothing back on the portscanning machine, but I would like logging
enabled. 

I have the following in /etc/rc.conf
firewall_enable="YES"
firewall_script="/etc/rc.firewall" 
firewall_type="CLIENT"
firewall_quiet="NO"   
firewall_logging="YES"

The only place I can see firewall_logging being used is in /etc/rc.conf
and that is being used to set a sysctl variable:

echo 'Firewall logging=YES'
sysctl net.inet.ip.fw.verbose=1 >/dev/null

Any ideas on what I'm doing wrong here?

Thanks in advance,

-- 
Wayne Pascoe
Look buddy, doesn't work is a strong statement. 
Does it sit on the couch all day? Is it making faces
at you? Does it want more money? Please be specific!


