Where do ipfw kern:emerg logs come from?
Eric W. Bates
ericx_lists at vineyard.net
Mon Oct 13 17:49:13 PDT 2003
4.8-RELEASE-p10
ipfw2
I have a firewall which appears to be behaving well. I have quite a few
'log' instructions for the sake of debugging. However, I seem to be
generating quite a few kern:emerg messages as well as security:info
messages.
Oct 13 14:11:26 <kern.alert> brock /kernel: .132:80 out via de0
Oct 13 14:11:26 <kern.crit> brock /kernel: 00 UNKNOWN TCP 208.172.16.132:80
192.168.1.91:1104 in via de0
Oct 13 14:11:26 <kern.crit> brock /kernel: 00 UNKNOWN TCP 192.168.1.91:1104
208.172.16.132:80 out via de0
Oct 13 14:11:27 <kern.crit> brock /kernel: in via de0
Oct 13 14:11:28 <kern.emerg> brock /kernel: pfw: 65000 Accept TCP
208.172.16.132:80 192.168.1.91:1104 in via de0
Oct 13 14:11:29 <kern.crit> brock /kernel: 300 Divert 8668 TCP
208.172.16.132:80 207.218.155.34:1104 in via de0
The messages actually appear to be truncated versions of the security.info
messages:
Oct 13 14:11:26 <security.info> brock /kernel: ipfw: 400 UNKNOWN TCP
192.168.1.91:1104 208.172.16.132:80 out via de0
Oct 13 14:11:26 <security.info> brock /kernel: ipfw: 500 SkipTo 10000 TCP
192.168.1.91:1104 208.172.16.132:80 out via de0
Oct 13 14:11:26 <security.info> brock /kernel: ipfw: 10000 Divert 8668 TCP
192.168.1.91:1104 208.172.16.132:80 out via de0
I found ipfw logging code sys/netinet/in ip_fw.c; but there doesn't seem to
be anything using LOG_KERN or LOG_EMERG.
Is this a bug?
--
ericx
More information about the freebsd-net
mailing list