[FUGSPBR] log do ipf
Alvicler Magalhaes
calvin em dq.ufscar.br
Ter Set 18 17:15:59 BRT 2001
Veja abaixo o arquivo /sys/i386/conf/LINT
Coloca o IPFILTER_LOG e depois da uma lida no man
acho que
touch /var/log/ipfw ja deve resolver depois de configurar seu kernel.
#
# Internet family options:
#
# TCP_COMPAT_42 causes the TCP code to emulate certain bugs present in
# 4.2BSD. This option should not be used unless you have a 4.2BSD
# machine and TCP connections fail.
#
# MROUTING enables the kernel multicast packet forwarder, which works
# with mrouted(8).
#
# IPFIREWALL enables support for IP firewall construction, in
# conjunction with the `ipfw' program. IPFIREWALL_VERBOSE sends
# logged packets to the system logger. IPFIREWALL_VERBOSE_LIMIT
# limits the number of times a matching entry can be logged.
#
# WARNING: IPFIREWALL defaults to a policy of "deny ip from any to any"
# and if you do not add other rules during startup to allow access,
# YOU WILL LOCK YOURSELF OUT. It is suggested that you set firewall_type=open
# in /etc/rc.conf when first enabling this feature, then refining the
# firewall rules in /etc/rc.firewall after you've tested that the new kernel
# feature works properly.
#
# IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to
# allow everything. Use with care, if a cracker can crash your
# firewall machine, they can get to your protected machines. However,
# if you are using it as an as-needed filter for specific problems as
# they arise, then this may be for you. Changing the default to 'allow'# out of sync.
#
# IPDIVERT enables the divert IP sockets, used by ``ipfw divert''
#
# IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
# packets without touching the ttl). This can be useful to hide firewalls
# from traceroute and similar tools.
#
# TCPDEBUG is undocumented.
#
options TCP_COMPAT_42 #emulate 4.2BSD TCP bugs
options MROUTING # Multicast routing
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #print information about
# dropped packets
options IPFIREWALL_FORWARD #enable transparent proxy support
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
options IPV6FIREWALL #firewall for IPv6
options IPV6FIREWALL_VERBOSE
options IPV6FIREWALL_VERBOSE_LIMIT=100
options IPV6FIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT #divert sockets
options IPFILTER #ipfilter support
options IPFILTER_LOG #ipfilter logging
__________^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
options IPFILTER_DEFAULT_BLOCK #block all packets by default
options IPSTEALTH #support for stealth forwarding
options TCPDEBUG
# means that you won't get stuck if the kernel and /sbin/ipfw binary get
[]s
calvin
"Alessandro O. Ungaro" wrote:
> Galera,
>
> como faco pro ipf fazer um log (por exemplo) de todas as tentativas de acesso pa porta bloqueada 21?
>
> ####
> block in quick on rl0 from any to any port = 21
> ####
>
> e onde esse log ficarah guardado?
>
> t+
>
> Alessandro
> ----
> Para sair da lista envie um e-mail para majordomo em fugspbr.org
> com as palavras "unsubscribe fugspbr" no corpo da mensagem.
--
Labor, n.:
One of the processes by which A acquires property for B.
-- Ambrose Bierce, "The Devil's Dictionary"
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.fug.com.br/pipermail/freebsd/attachments/20010918/0e13ae41/attachment.html>
Mais detalhes sobre a lista de discussão freebsd