default to deny rule
Barry Irwin
bvi at itouchlabs.com
Mon May 5 05:45:39 PDT 2003
The easiest, is to put in a rule just befroe it say 653500 deny log
logamount <x> ip from any to any
you could even break it down to log against separate rule numbers for tcp,
udp, icmp, etc. withc a catchall at the end.
Barry
--
Barry Irwin bvi at itouchlabs.com Tel:
+27214875178
Systems Administrator: Networks And Security
iTouch Technology
iTouch TAS http://www.itouchlabs.com Mobile: +27824457210
----- Original Message -----
From: "Mark Bojara" <mark at mics.co.za>
To: <freebsd-isp at freebsd.org>
Sent: Monday, May 05, 2003 2:28 PM
Subject: default to deny rule
> Hello All,
>
> I have setup a default to deny ipfw rule and I would like that rule to log
> all denied packets aswell. Eg change it to: "65535 deny log ip from any to
any"
>
> How would I do this?
>
> Regards
> Mark Bojara
>
> ----------------------------------------------------------------
> A life lived in fear is half a life lived.
> ----------------------------------------------------------------
>
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
>
>
>
More information about the freebsd-isp
mailing list