Problem with security log

Luigi Rizzo rizzo at
Wed Oct 13 21:37:42 UTC 2010

On Wed, Oct 13, 2010 at 01:43:24PM -0700, Kevin Oberman wrote:
> > > It sounds like the only way to solve this issue is to improve/fix the
> > > msgbuf code.  Alternatively, you could consider moving from ipfw to
> > > pf(4) and use pflog(4) / pflogd(8).
> > 
> > or you can use the log option of ipfw and run tcpdump on the "ipfw0"
> > pseudo interface
> > which will give you all the traffic that matches a 'log' rule (there
> > is a sysctl variable that
> > controls whether log goes to syslog or to the ipfw pseudo interface)
> Is the any real documentation on the ipfw0 device and how to use it? I
> can see it as being very handy.

documentation ? what's that :)

thanks for the reminder, just committed some text to ipfw.8 in HEAD to
document the feature.


> R. Kevin Oberman, Network Engineer
> Energy Sciences Network (ESnet)
> Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
> E-mail: oberman at			Phone: +1 510 486-8634
> Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751

More information about the freebsd-stable mailing list