Professional Web Applications Themes

ipfilter.log - FreeBSD

Hi guys, I've been following this guide: http://www.unixguide.net/freebsd/fbsd_installguide/index.php So far I have gotten the firewall/router to work. Everything seems to be okay, except I do not see anything being logged in ipfilter.log. My rc.conf options are: moused_enable="YES" moused_port="/dev/psm0" moused_type="auto" moused_flags="-m 2=3" allscreens_flags="-m on -c blink -h 200" clear_tmp_enable="YES" hostname="gateway.fbsdbuds.com" saver="logo" ifconfig_rl0="DHCP" ipfilter_enable="YES" ipfilter_rules="/etc/ipf.rules" ipmon_enable="YES" ipmon_flags="-Ds" ipnat_enable="YES" ipnat_rules="/etc/ipnat.rules" ifconfig_rl1="inet 10.0.10.2 netmask 255.255.255.248" gateway_enable="YES" I am using ipf.rules and ipnat.rules. I created ipfilter.log in /var/log/ and I added this line to syslog.conf: Local0.* /var/log/ipfilter.log and I added the following line to newsyslog.conf for rotating the log. /var/log/ipfilter.log 600 5 100 $M1D0 J ...

  1. #1

    Default ipfilter.log

    Hi guys,
    I've been following this guide:
    http://www.unixguide.net/freebsd/fbsd_installguide/index.php
    So far I have gotten the firewall/router to work. Everything seems to be okay, except I do not see anything being logged in ipfilter.log. My rc.conf options are:

    moused_enable="YES"
    moused_port="/dev/psm0"
    moused_type="auto"
    moused_flags="-m 2=3"
    allscreens_flags="-m on -c blink -h 200"
    clear_tmp_enable="YES"
    hostname="gateway.fbsdbuds.com"
    saver="logo"
    ifconfig_rl0="DHCP"
    ipfilter_enable="YES"
    ipfilter_rules="/etc/ipf.rules"
    ipmon_enable="YES"
    ipmon_flags="-Ds"
    ipnat_enable="YES"
    ipnat_rules="/etc/ipnat.rules"
    ifconfig_rl1="inet 10.0.10.2 netmask 255.255.255.248"
    gateway_enable="YES"

    I am using ipf.rules and ipnat.rules. I created ipfilter.log in /var/log/ and I added this line to syslog.conf:
    Local0.* /var/log/ipfilter.log
    and I added the following line to newsyslog.conf for rotating the log.
    /var/log/ipfilter.log 600 5 100 $M1D0 J
    I was wondering if anyone could tell me why I do not get anything in my ipfilter.log.

    Thanks
    fewjr/Buddy
    Francis Guest

  2. #2

    Default Re: ipfilter.log

    On Sun, Apr 03, 2005 at 09:29:13PM -0400, Francis Whittington wrote: 


    I asked the same thing about a month ago with no answer.

    What I ended up doing was putting this in /etc/rc.conf:

    ipmon_flags="-Dvn /var/log/firewall"
    Andy Guest

  3. #3

    Default RE: ipfilter.log

    The answer is very simple. The integration of the open source
    ipfilter firewall into FreeBSD has changed between the 4.x releases
    and the 5.3 release just made available. If you change the
    syslog.conf:

    Local0.* /var/log/ipfilter.log which is how 4.10
    & 4.11 work

    To

    security.* /var/log/ipfilter.log for 5.3 then every
    thing will work as doented.

    -----Original Message-----
    From: org
    [mailto:org]On Behalf Of Francis
    Whittington
    Sent: Sunday, April 03, 2005 9:29 PM
    To: org
    Subject: ipfilter.log

    Hi guys,
    I've been following this guide:
    http://www.unixguide.net/freebsd/fbsd_installguide/index.php
    So far I have gotten the firewall/router to work. Everything seems
    to be okay, except I do not see anything being logged in
    ipfilter.log. My rc.conf options are:

    moused_enable="YES"
    moused_port="/dev/psm0"
    moused_type="auto"
    moused_flags="-m 2=3"
    allscreens_flags="-m on -c blink -h 200"
    clear_tmp_enable="YES"
    hostname="gateway.fbsdbuds.com"
    saver="logo"
    ifconfig_rl0="DHCP"
    ipfilter_enable="YES"
    ipfilter_rules="/etc/ipf.rules"
    ipmon_enable="YES"
    ipmon_flags="-Ds"
    ipnat_enable="YES"
    ipnat_rules="/etc/ipnat.rules"
    ifconfig_rl1="inet 10.0.10.2 netmask 255.255.255.248"
    gateway_enable="YES"

    I am using ipf.rules and ipnat.rules. I created ipfilter.log in
    /var/log/ and I added this line to syslog.conf:
    Local0.* /var/log/ipfilter.log
    and I added the following line to newsyslog.conf for rotating the
    log.
    /var/log/ipfilter.log 600 5 100 $M1D0 J
    I was wondering if anyone could tell me why I do not get anything in
    my ipfilter.log.

    Thanks
    fewjr/Buddy
    _______________________________________________
    org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to
    "org"

    Guest

  4. #4

    Default Re: ipfilter.log

    Francis Whittington wrote: 

    Two things:

    First: You can log directly to a file instead of through syslog:

    ipmon_flags="-D /path/to/logfile"

    Second: Have you any rules in your ruleset with the "log" keyword?

    Cheers, Erik
    --
    Ph: +34.666334818 web: http://www.locolomo.org
    S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
    Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22 :DE:4C:B9
    Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73 :25:67:C2
    Erik Guest

  5. #5

    Default Re: ipfilter.log

    Thank you very much for your reply. Your suggestions did the trick. I will
    read the Official handbook to see what else is different with 5.3. How did
    you know I was using 5.3. You answered one of my questions once before
    didn't you?

    Thanks Again
    fewjr/Buddy
    ----- Original Message -----
    From: <com>
    To: "Francis Whittington" <net>;
    <org>
    Sent: Sunday, April 03, 2005 11:29 PM
    Subject: RE: ipfilter.log

     

    Francis Guest

  6. #6

    Default Re: ipfilter.log

    Hi again Bob,
    I read the ipfilter section of the Official manual for 5.3. Where it
    talks about adding that line to syslog.conf,
    (local0.* /var/log/ipfilter.log), well it says to put local0.*. It doesn't
    mention putting security.*, although it did work for me. I looked through
    the errata section online and didn't see anything about it there either. At
    the same time I see that in my syslog.conf file there is already a line that
    uses security.* /var/log/security. Am I using two logs for the same thing?

    fewjr/Buddy
    ----- Original Message -----
    From: <com>
    To: "Francis Whittington" <net>;
    <org>
    Sent: Sunday, April 03, 2005 11:29 PM
    Subject: RE: ipfilter.log

     

    Francis Guest

  7. #7

    Default RE: ipfilter.log

    I wrote the official handbook firewall section based on 4.10 release
    before ipfilter was incorporated into the base of 5.3. You are
    incorrect to think that what you read in the official handbook is
    for 5.3 only. I have submitted a change to the handbook to correct
    it saying that 5.3 uses security.* ipfw also uses security.*
    that way there are no changes necessary to syslog.conf no mater
    which firewall you use.

    -----Original Message-----
    From: Francis Whittington [mailto:net]
    Sent: Tuesday, April 05, 2005 5:13 PM
    To: com
    Cc: org
    Subject: Re: ipfilter.log

    Hi again Bob,
    I read the ipfilter section of the Official manual for 5.3.
    Where it
    talks about adding that line to syslog.conf,
    (local0.* /var/log/ipfilter.log), well it says to put local0.*. It
    doesn't
    mention putting security.*, although it did work for me. I looked
    through
    the errata section online and didn't see anything about it there
    either. At
    the same time I see that in my syslog.conf file there is already a
    line that
    uses security.* /var/log/security. Am I using two logs for the same
    thing?

    fewjr/Buddy
    ----- Original Message -----
    From: <com>
    To: "Francis Whittington" <net>;
    <org>
    Sent: Sunday, April 03, 2005 11:29 PM
    Subject: RE: ipfilter.log

     
    releases 
    4.10 
    in 

    Guest

Similar Threads

  1. ipfilter problems
    By Angelin in forum FreeBSD
    Replies: 2
    Last Post: April 4th, 03:27 PM
  2. IPFILTER and NFS
    By Matt in forum FreeBSD
    Replies: 5
    Last Post: April 4th, 08:39 AM
  3. Vim and NFS and ipfilter(strange problem)
    By HENCHOZ Daniel in forum FreeBSD
    Replies: 0
    Last Post: February 21st, 11:07 AM
  4. ipfilter outgoing
    By Sandy Rutherford in forum FreeBSD
    Replies: 0
    Last Post: February 17th, 12:34 AM
  5. Sunscreen 3.2 or Ipfilter
    By Chris in forum Sun Solaris
    Replies: 3
    Last Post: August 7th, 05:03 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139