problems with ipfilter on 5.1-RELEASE

Redmond Militante r-militante at northwestern.edu
Thu Aug 7 23:50:01 PDT 2003


hi all

i'm trying to get ipfilter set up on my new 5.1-RELEASE box. ipfilter
seems to be working fine. i just have a couple of issues that are
probably not very serious...

one thing is that during network startup at boot, i get the message
IPFilter: already initialized
repeated 4 times.

i think i have everything configured properly

my kernel config looks like

options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK

my /etc/rc.conf looks like

ipfilter_enable="YES"
ipfilter_flags=""
ipfilter_rules="/etc/ipfilter.rules"
ipmon_enable="YES"
ipmon_flags="-Dsvn"


the other problem i have is that it now seems that ipmon is logging to
/var/log/messages. i've set up ipfilter successfully on many freebsd
4x boxes, but this is the first time i've tried to set it up on 5x.

in my /etc/syslog.conf i have

local0.* /var/log/firewall_logs
*.notice;local0.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages


am i missing some things that i should be doing to set up ipfilter on
5x-RELEASE? on 4x-RELEASE, i've set up ipfilter successfully, following
the procedures outlined at schlacter.net to set up ipfilter. i'm
basically following the same procedures here, with unexpected results.

any advice would be appreciated

thanks
redmond