I really apreciate your help. Regards.
This is my syslog.conf
*.err;kern.warning;auth.notice;mail.crit
/dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
/var/log/messages
security.*
/var/log/security
auth.info;authpriv.info
/var/log/auth.log
mail.info
/var/log/maillog
lpr.info
/var/log/lpd-errs
ftp.info
/var/log/xferlog
cron.*
/var/log/cron
*.=debug
/var/log/debug.log
*.emerg *
!startslip
*.*
/var/log/slip.log
!ppp
*.*
/var/log/ppp.log
This is my rules set:
block in quick all with short
block in quick all with frag
block in quick on hme0 proto tcp
all flags FUP
block in quick on hme0 from
192.168.0.0/16 to any
block in quick on hme0 from
172.16.0.0/12 to any
block in quick on hme0 from
127.0.0.0/8 to any
block in quick on hme0 from
10.0.0.0/8 to any
block in quick on hme0 from
0.0.0.0/8 to any
block in quick on hme0 from
169.254.0.0/16 to any
block in quick on hme0 from
192.0.2.0/24 to any
block in quick on hme0 from
204.152.64.0/23 to any
block in quick on hme0 from
224.0.0.0/3 to any
block in quick on hme0 from any
to 10.0.0.0/32
block in quick on hme0 from any
to 10.0.255.255/32
block in quick on hme0 from any
to 192.168.0.0/32
block in quick on hme0 from any
to 192.168.255.255/32
pass in quick on hme0 proto tcp
from any to 200.26.56.112 port
= 80 flags
S keep state
pass in quick on hme0 proto tcp
from any to 200.26.56.112 port
= 443 flags
S keep state
block in quick on hme0 all
block out quick on hme0 all
pass in quick on hme1 proto tcp/udp
from 10.7.1.16 to 10.1.0.0/16 keep state
block in quick on hme1 all
pass out quick on hme1 proto icmp
from 10.7.1.1 to 10.7.1.0/24 icmp-type 8
keep state
block out quick on hme1 all
pass in log quick on hme2 proto tcp
from 10.86.0.0/16 to 10.7.1.16 port =
3389 flags S keep
state
pass in log quick on hme2 proto tcp
from 10.86.0.0/16 to 10.1.15.6 port = 22
flags S keep state
pass in log quick on hme2 proto
icmp from 10.86.0.0/16 to 10.1.15.6
icmp-type 8 keep state
block in quick on hme2 all
pass out log quick on hme2 proto
icmp from 10.1.15.6 to any
icmp-type 8 keep state
pass out log quick on hme2 proto udp
from 10.1.15.6 to 10.1.10.1 port = 53
keep state
pass out log quick on hme2 proto udp
from 10.1.15.6 to 10.1.10.5 port = 53
keep state
block in quick all
block out quick all
___________________________________________________________
1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
http://correo.yahoo.com.ar
--- Begin Message ---
Sounds like it may also be syslog related. Can you send your syslog.conf also?
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of G. Roderick
Singleton
Sent: January 27, 2006 12:56 PM
To: Sebastian Anzaldi
Cc: [email protected]
Subject: Re: Problem running ipmon under FreeBSD/Sparc64
On Fri, 2006-01-27 at 16:09 -0300, Sebastian Anzaldi wrote:
> I few days ago I asked the following question:
>
>
> I've installed FreeBSD 5.4 for sparc64. IPFilter works
> perfectly but when I add "log" to the rules set, ipmon
> doesn't show anything:
>
> FirewallBSD# ipmon -o I
>
> Ipmon is up, but does not log any blocked or passed
> packets.
please post your rules.
[snipped]
--
G. Roderick Singleton <[EMAIL PROTECTED]>
PATH tech
--- End Message ---
