[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: Question on ruleset
From:       Phil Dibowitz <webmaster () ipom ! com>
Date:       2001-07-26 4:03:35
[Download RAW message or body]

Jim Sandoz wrote:

> phil,
> 
> the missing return-RST is a solaris-specific issue, see
> http://false.net/ipfilter/2001_06/0016.html
> or the equivalent thread at
> http://marc.theaimsgroup.com/?l=ipfilter&m=99140340904681&w=2
> 
> so you need an exit rule to let the ipf generated RST "escape".
> 
> as for the logging, does the ipmon -s process capture the event?
> 

Ah yes.  forgot about the 'letting the RST back out'... that should be fixed one of \
these days. Thanks Jim.

As for ipmon -s... Yes... yes as in, it's being given to syslog and syslog is logging \
it. I'm curious as to how/why/when ipmon -oI doesn't work though.

Phil
--
Insanity Palace of Metallica
http://www.ipom.com
webmaster@ipom.com
--


[prev in list] [next in list] [prev in thread] [next in thread]