10.4: Log firewall messages with custom configurations
Sep 02, '05 09:09:00AM • Contributed by: fabrizio
Under Tiger, this previous hint for creating a custom ipfw setup that writes log entries to the /var/log/ipfw.log file doesn't work -- it seems that program blocks inside syslog.conf are ignored.
The solution is to make a small modification to the script you use to launch ipfw at startup (if you are using a custom firewall configuration, you know what and where that is). The modifications are to set the verbose parameter to 2 and to launch the ipfwloggerd daemon.
This is the code that accomplishes the goal (some details may vary, depending on your setup):
/usr/sbin/sysctl -w net.inet.ip.fw.verbose=2
/usr/sbin/sysctl -w net.inet.ip.fw.verbose_limit=0
/usr/libexec/ipfwloggerd
/sbin/ipfw -q flush
/sbin/ipfw -q /etc/ipfw.conf
[robg adds: I haven't tested this one...]
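To confirm after a reboot that the startup script took effect, a check along these lines can be used. It is an added example, not part of the original hint: the function names, the `name: value` sysctl output format and the `ps -axo command` process listing are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# Added example (not from the hint): check that ipfw logging is set up as above.

# sysctl_value NAME: read "name: value" or "name = value" lines on stdin
# and print the value for NAME.
sysctl_value() {
    awk -v key="$1" '{
        line = $0
        sub(/[ \t]*[:=][ \t]*/, " ", line)   # normalise the first separator
        split(line, f, " ")
        if (f[1] == key) { print f[2]; exit }
    }'
}

# check_ipfw_logging SYSCTL_TEXT PS_TEXT: print one line per problem and
# return the number of problems (0 means everything matches the hint).
check_ipfw_logging() {
    sysctl_text=$1; ps_text=$2; problems=0
    verbose=$(printf '%s\n' "$sysctl_text" | sysctl_value net.inet.ip.fw.verbose)
    limit=$(printf '%s\n' "$sysctl_text" | sysctl_value net.inet.ip.fw.verbose_limit)
    if [ "$verbose" != "2" ]; then
        echo "net.inet.ip.fw.verbose is '${verbose:-unset}', expected 2"
        problems=$((problems + 1))
    fi
    if [ "$limit" != "0" ]; then
        echo "net.inet.ip.fw.verbose_limit is '${limit:-unset}', expected 0"
        problems=$((problems + 1))
    fi
    # Match on the executable name so a "grep ipfwloggerd" line does not count.
    if ! printf '%s\n' "$ps_text" |
        awk '$1 ~ /(^|\/)ipfwloggerd$/ { found = 1 } END { exit !found }'; then
        echo "ipfwloggerd is not running"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample input. On the Mac itself (assumed invocation):
#   check_ipfw_logging "$(/usr/sbin/sysctl net.inet.ip.fw)" "$(ps -axo command)"
SAMPLE_SYSCTL='net.inet.ip.fw.verbose: 2
net.inet.ip.fw.verbose_limit: 0'
SAMPLE_PS='COMMAND
/usr/libexec/ipfwloggerd'
check_ipfw_logging "$SAMPLE_SYSCTL" "$SAMPLE_PS" && echo "ipfw logging settings OK"
```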
