Julian Elischer (and possibly others) -

on 8.3-RELEASE-p4...

I have a table with ca. 84,000 networks, and the table arg is a
classifier based on criteria the firewall ruleset doesn't care about -
but I really would like to log the data.

I've discovered that logging the lookup command doesn't log the table
arg, just the src-ip

ipfw add 500 skipto 65000 log logamount 0 lookup src-ip 1

log entry looks like:

Oct  3 16:41:49 fedallah kernel: ipfw: 500 SkipTo 65000 TCP 69.109.215.188:53297 10.160.78.12:3222 in via xn0

Of course I don't have any reason to expect this to work, since it's
an aspirational use of the mechanism.  But I think it might be
powerful and useful for folks who actually use firewall logs in
support of IDS/IPS etc.

- M
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
