IPFW logging...
Matthew Seaman
m.seaman at infracaninophile.co.uk
Tue Sep 21 00:09:09 PDT 2004
On Mon, Sep 20, 2004 at 10:27:22PM -0500, Eric F Crist wrote:
> IPFW used to log all entries with the 'log' included in the rule, but
> randomely, to me, anyways, stopped doing so. I can't seem to get it to
> continue logging.
>
> Does anyone have any insight? I'm running FreeBSD 4.10 from about 2
> months ago. I'm going to cvsup tonight to see if it helps. what log
> files can I check to verify things are working? Thanks.
Are you just running into the verbose limit on log messages? That's
the setting of the net.inet.ip.fw.verbose_limit sysctl. That exists
to prevent anyone DOS-ing you by sending so many nasty packets that
the log files fill up your disk.
I find setting this to a fairly high number (1024) and doing a daily
reset of the counters keeps the logging data coming through more or
less smoothly. I put this in /etc/daily.local:
#!/bin/sh
PATH=/usr/bin:/bin:/sbin ; export PATH
ipfw resetlog
#
# That's All Folks!
#
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040921/273a46ba/attachment.bin
More information about the freebsd-questions
mailing list