Re: ipfw logging
From: James Snow (snow_at_teardrop.org)
Date: 11/17/04
- Previous message: Julian Elischer: "Re: FireWire Security issues"
- In reply to: Zoran Kolic: "ipfw logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 17 Nov 2004 10:12:42 -0500 To: Zoran Kolic <kolicz@EUnet.yu>
On Mon, Nov 15, 2004 at 07:55:24AM +0100, Zoran Kolic wrote:
> Hi all!
> After installing 5.3 I've noticed
> some change in firewall logging.
> Prior (on 5.2) rules gave me what
> I needed: trimed to 3 of the same
> connection. Every new connection
> on the same rule gave new log line
> up to 3. I have in kernel:
> FIREWALL
> FIREWALL_VERBOSE
> FIREWALL_VERBOSE_LIMIT=3
> Now, all connections on the same
> rule are trimed to 3. Is it possib-
> le on 5.3 to have all connections
> logged, but no more than 3 of the
> same?
> Just a little annoyance... I'd
> rather see what was blocked. New
> is even line:
> "ipfw: limit 3 reached on entry 1500"
> Can I do something to have old way
> of logging back?
> Best regards
This may or may not help you with your situation but I found it to be a
considerable step up from setting these options in the kernel:
As of 5.3 (or perhaps earlier - I first noticed it in 5.3) you can
edit net.inet.ip.fw.verbose and net.inet.ip.fw.verbose_limit via
sysctl. Perhaps you'll have some luck fiddling with the value of
net.inet.ip.fw.verbose_limit.
Hope that helps.
-Snow
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Julian Elischer: "Re: FireWire Security issues"
- In reply to: Zoran Kolic: "ipfw logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
