I few days ago I asked the following question:
I've installed FreeBSD 5.4 for sparc64. IPFilter works
perfectly but when I add "log" to the rules set, ipmon
doesn't show anything:
FirewallBSD# ipmon -o I
Ipmon is up, but does not log any blocked or passed
packets.
I`ve recompiled the kernel with the following option:
options IPFILTER_LOG
but the problem persists.
I can see both the state and nat tables, without any
problem:
FirewallBSD# ipmon -o S
17/01/2006 21:15:56.848382 STATE:NEW 10.1.15.6,61981
-> 10.1.10.1,53 PR udp
17/01/2006 21:15:56.849781 STATE:NEW 10.1.15.6,56799
-> 10.1.10.1,53 PR udp
FirewallBSD# ipmon -o N
17/01/2006 21:18:19.089300 @1 NAT:BIMAP 10.7.1.xx,80
<- -> 200.26.56.xxx,80 [200.26.237.36,4134]
Does anybody know what the problem could be?
Sorry to insist, but i have not received any answer
yet, and in the case no solution is found until
monday, our management has decided to install a
different product.
Thanks in advance for any help.
Sebastian Anzaldi
My settings are the following:
rc.conf
ipfilter_enable="YES"
ipmon_enable="YES"
ipmon_flags="-Dsvn"
ipnat_enable="YES"
System
FirewallBSD# uname -a
FreeBSD FirewallBSD.anses.gov.ar 5.4-RELEASE FreeBSD
5.4-RELEASE #7: Fri Jan 13 15:37:58 ART 2006
[EMAIL PROTECTED]:/usr/src/sys/sparc64/compile/FIREWALL
sparc64
ipfilter
FirewallBSD# ipf -V
ipf: IP Filter: v3.4.35 (384)
Kernel: IP Filter: v3.4.35
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Network configuration
hme0:
flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu
1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
inet 200.26.xx.xx netmask 0xffffffe0 broadcast
200.26.56.127
inet6 fe80::a00:20ff:fe9a:397a%hme0 prefixlen
64 scopeid 0x1
ether 08:00:20:9a:39:7a
media: Ethernet autoselect (100baseTX)
status: active
hme1:
flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu
1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
inet 10.7.1.1 netmask 0xffffff00 broadcast
10.7.1.255
inet6 fe80::a00:20ff:fea1:77f7%hme1 prefixlen
64 scopeid 0x2
ether 08:00:20:a1:77:f7
media: Ethernet autoselect (100baseTX
<full-duplex>)
status: active
hme2:
flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu
1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
inet 10.1.15.6 netmask 0xffff0000 broadcast
10.1.255.255
inet6 fe80::a00:20ff:fea4:8e58%hme2 prefixlen
64 scopeid 0x3
ether 08:00:20:a4:8e:58
media: Ethernet autoselect (100baseTX
<full-duplex>)
status: active
hme3: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
ether 08:00:20:a4:8e:59
media: Ethernet autoselect
hme4: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
ether 08:00:20:a4:8e:5a
media: Ethernet autoselect
hme5: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
options=b<RXCSUM,TXCSUM,VLAN_MTU>
ether 08:00:20:a4:8e:5b
media: Ethernet autoselect
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu
16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
Hardware: Sun Enterprice 450
number of procesors: 4
___________________________________________________________
1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
http://correo.yahoo.com.ar
