Re: IPFW and syslog



Tiago N. Sampaio wrote:
Did you try adding deny log ip from any to any?
ipfw add 65000 deny log ip from any to any


If I add the rule deny any any at the end, it will be the last rule among
the other rules and all packets will be dropped (one_pass = 0).
But I don't understand why, if I add deny any any as the first rule,
traffic is dropped.

Hugs
Tiago N. Sampaio

Alexander wrote:
So, I also tried ipfw add 99 deny ip from any to any, but got the same
trouble...

Bjoern A. Zeeb wrote:

On Sat, 6 May 2006, Alexander wrote:


Bjoern A. Zeeb wrote:

On Sat, 6 May 2006, Alexander wrote:


Default rule is deny.
Some packets are registered under the default rule, but I can't find
documentation on how to log to syslog the packets that are denied by the
default rule.

Add the same rule with rule number - 1 and add log statement.


Hmmmm! I have added the rule: ipfw add 1 deny ip from any to any
And the server dropped all packets...

Well
"rule number" (for default rule) - 1 == 65535 - 1 == 65534

I guess I should have added quotes or braces or the sample.

Sorry for the trouble...



_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"
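
Added example, not part of the original thread: a simplified Python model of ipfw's first-match rule evaluation, showing why a catch-all deny at rule 1 drops everything while the same rule with log at 65534 only catches what would otherwise fall through to the default rule 65535. The allow rule 100 (inbound SSH) and the two sample packets are constructed for illustration; this is a model, not ipfw source code.

```python
from dataclasses import dataclass
from typing import Callable

DEFAULT_RULE = 65535  # ipfw's built-in last rule; "deny" in this thread's setup


@dataclass
class Rule:
    number: int
    action: str                      # "allow" or "deny"
    match: Callable[[dict], bool]    # predicate over a packet
    log: bool = False                # models the "log" keyword


def evaluate(rules, packet):
    """Walk rules in ascending number order; the first match decides.

    Returns (action, rule_number, logged).
    """
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.match(packet):
            return rule.action, rule.number, rule.log
    # Nothing matched: the default rule applies. It cannot be edited,
    # so it can never carry "log" and these drops are silent.
    return "deny", DEFAULT_RULE, False


def any_ip(_packet):
    return True


def ssh_in(packet):
    return packet["proto"] == "tcp" and packet["dport"] == 22


# Constructed sample ruleset and packets (assumptions for illustration).
BASE = [Rule(100, "allow", ssh_in)]
PACKETS = [{"proto": "tcp", "dport": 22}, {"proto": "udp", "dport": 137}]


def run(extra_rule=None):
    """Evaluate the sample packets against BASE plus one optional rule."""
    rules = BASE + ([extra_rule] if extra_rule else [])
    return [evaluate(rules, p) for p in PACKETS]


if __name__ == "__main__":
    print("no extra rule   :", run())
    print("deny at 1       :", run(Rule(1, "deny", any_ip)))
    print("deny log, 65534 :", run(Rule(65534, "deny", any_ip, log=True)))
```
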