'RE: logging ipfilter'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    RE: logging ipfilter
From:       "Ivailo Tanusheff" <I.Tanusheff () procreditbank ! com>
Date:       2002-05-29 13:59:01
[Download RAW message or body]

[Attachment #2 (text/plain)]

You have two options:

1) run ipmon -Ds to log things in syslog (also use level for different
logging)
2) run ipmon -D /var/log/ipflog to log data in ipflog file

I hope that will help you 

Ivailo Tanusheff
System Administrator and Security Advisor
ProCredit Bank



-----Original Message-----
From: owner-ipfilter@coombs.anu.edu.au
[mailto:owner-ipfilter@coombs.anu.edu.au] On Behalf Of Tony Hamrick
Sent: Tuesday, May 28, 2002 9:24 PM
To: ipfilter@coombs.anu.edu.au
Subject: logging ipfilter

By the way,
I compiled with 
options         IPFILTER
options         IPFILTER_DEFAULT_BLOCK
options         IPFILTER_LOG
 
Any help appreciated!
-----Original Message-----
From: Tony Hamrick [mailto:Tony.Hamrick@DevelopOnline.com]
Sent: Tuesday, May 28, 2002 11:09 AM
To: ipfilter@coombs.anu.edu.au
Subject: logging ipfilter

I've got the last line of my filter file as follows: 
 block in log on fxp2 all  
I have some packets getting blocked & wish to see what they are.... 

I assume its going to /var/log 
Where is the file here? Here is a listing of my /var/log 

16 cron                  2 maillog.1.gz          8 cron.2.gz            
1 sendmail.st.4         1 sendmail.st.10 
  9 maillog               2 maillog.2.gz          2
maillog.7.gz          1 mount.today           1 .. 
  1 sendmail.st           2 maillog.3.gz          8
cron.3.gz             8 messages.0.gz         2 wtmp.2 
400 bsdsar.dat            8 cron.1.gz             4
dmesg.yesterday       1 sendmail.st.5         1 wtmp.3 
  6 wtmp                  1 sendmail.st.0         1
ipfw.yesterday        1 mount.yesterday      11 messages.1.gz 
 77 messages              2 maillog.4.gz          1
sendmail.st.1         1 sendmail.st.6         6 setuid.today 
 23 lastlog               1 ipfw.today            1
sendmail.st.2         1 sendmail.st.7         0 security 
  2 .                     4 dmesg.today           1
sendmail.st.3         1 sendmail.st.8         0 ppp.log 
  2 maillog.0.gz          2 maillog.5.gz          5
wtmp.0                3 wtmp.1                0 lpd-errs 
  8 cron.0.gz             2 maillog.6.gz          1
adduser               1 sendmail.st.9         0 slip.log 

Tony Hamrick 
Network Administration 
660 S. Mill Avenue Ste. 400 
Tempe, Arizona 85281 
office:480-377-6858 
Cell: 480-861-2112 
MessageToMyPager: 3232013565@pagenetmessage.net 
Email: Tony.Hamrick@DevelopOnline.com 


["Ivailo Tanusheff.vcf" (text/x-vcard)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic