logging and dynamic rules

Uwe Kolsch ukolsch at gmx.net
Sun Mar 7 05:02:06 PST 2004


Hi,
 
I've set up ipfw2 on 5.2.1 as follows.
 
add 1000 check-state
#allow ssh traffic from any to any
add 2022 allow log tcp from any to any 22 in setup keep-state

This results in every packet of any ssh connection getting logged, not
really what I want. I would like to get only the initiation of an ssh
connection into the logfile. Without dynamic rules I would just deal
with packets of an established connection without logging, but log any
request to port 22. Is there any way to achieve this with dynamic rules
too?
 
Thanks,
 
Hans Hunger

