Sorry - forgot to mention: I'm using the latest stable Version 2009.06.
-----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Kai Krebber Gesendet: Montag, 10. Mai 2010 09:38 An: [email protected] Betreff: [networking-discuss] logging of ipfilter traffic Hi! I tried to get a log from ipfilter, so I can see -)what has been allow, -)what has been blocked and -)how packets have been NATted. I tried following the instructions, found in http://www.linuxtopia.org/online_books/opensolaris_2008/SYSADV3/html/faa vk.html#gdfwa But I don't get anything in the log. What I did: a) created ipfilter-rules with logging: r...@kunde003-wan:/etc/ipf# cat ipf.conf # Non-service programs rules # Global Default rules #pass in proto udp from 10.2.2.2 port != 53 to localhost pass in log quick on wan3001 from 213.172.123.138/32 to 213.172.115.4/32 pass in log quick on wan3001 from 120.0.0.0/24 to 213.172.115.4/32 block in log quick on wan3001 all b) created NAT-rules r...@kunde003-wan:/etc/ipf# cat ipnat.conf map wan3001 120.0.0.0/24 -> 82.100.214.138/32 c) checked that the rules got activated: r...@kunde003-wan:/etc/ipf# ipfstat -io empty list for ipfilter(out) pass in log quick on wan3001 from 213.172.123.138/32 to 213.172.115.4/32 pass in log quick on wan3001 from 120.0.0.0/24 to 213.172.115.4/32 block in log quick on wan3001 all d) checked that the nat-rules got activated: r...@kunde003-wan:/etc/ipf# ipnat -l List of active MAP/Redirect filters: map wan3001 120.0.0.0/24 -> 82.100.214.138/32 List of active sessions: e) touched /var/log/ipfilter.log: r...@kunde003-wan:/etc/ipf# ls -l /var/log/ipfilter.log -rw-r--r-- 1 root root 0 May 7 15:01 /var/log/ipfilter.log f) told syslog to log into /var/log/ipfilter.log: r...@kunde003-wan:/etc/ipf# grep ipfilter /etc/syslog.conf local0.debug /var/log/ipfilter.log g) restarted system-log: r...@kunde003-wan:/etc/ipf# svcs -a | grep system-log online 9:30:36 svc:/system/system-log:default I assume that I have to tell ipfilter to generally log to facility local0, but I don't know how? Does anybody have an idea, what I am missing to activate logging for ipfilter? Thanks, Kai _______________________________________________ networking-discuss mailing list [email protected] _______________________________________________ networking-discuss mailing list [email protected]
