2011/7/20 Wesley MOUEDINE ASSABY <open...@e-solutions.re>: > Also, > you can see a sample on http://mouedine.net/ruleset49.aspx > > Wesley. > > On Wed, 20 Jul 2011 14:27:27 +0400, Wesley MOUEDINE ASSABY > <open...@e-solutions.re> wrote: >> Hi, >> >> Try this: >> block log return >> >> Cheers, >> >> Wesley. >> >> On Wed, 20 Jul 2011 01:09:09 -0700, fqui nonez <fquinon...@gmail.com> >> wrote: >>> Hello >>> >>> I have a sshd/ftpd/httpd server box, 4.9 stable; and I want to log all >>> blocked packets, and send them to /var/log/pfblocklog to be read with >>> tcpdump. What and where should be the rule? >>>
>>> >>> Thanks for your attention. Hello I changed it to: # $OpenBSD: pf.conf,v 1.49 2009/09/17 06:39:03 jmc Exp $ # set skip on lo ### Agregadas por mi: (added by me) block log pass out quick on rl0 antispoof quick for rl0 pass in log on rl0 proto tcp from any to port 22 pass in log on rl0 proto tcp from any to port 21 pass in log on rl0 proto tcp from any to port 80 ### Fin. (end) # filter rules and anchor for ftp-proxy(8) anchor "ftp-proxy/*" pass in quick proto tcp to port ftp rdr-to 127.0.0.1 port 8021 Thank so much both. How does it look?
