RE: Problem running ipmon under FreeBSD/Sparc64

#1 (**permalink**) 01-30-2006

I really apreciate your help. These are my files,
syslog.conf and ipf.rules

Regards.

#### syslog.conf

*.err;kern.warning;auth.notice;mail.crit
/dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.cr it;news.err
/var/log/messages
security.*
/var/log/security
auth.info;authpriv.info
/var/log/auth.log
mail.info
/var/log/maillog
lpr.info
/var/log/lpd-errs
ftp.info
/var/log/xferlog
cron.*
/var/log/cron
*.=debug
/var/log/debug.log
*.emerg *
!startslip
*.*
/var/log/slip.log
!ppp
*.*
/var/log/ppp.log

##### rules set

block in quick all with short
block in quick all with frag
block in quick on hme0 proto tcp
all flags FUP
block in quick on hme0 from
192.168.0.0/16 to any
block in quick on hme0 from
172.16.0.0/12 to any
block in quick on hme0 from
127.0.0.0/8 to any
block in quick on hme0 from
10.0.0.0/8 to any
block in quick on hme0 from
0.0.0.0/8 to any
block in quick on hme0 from
169.254.0.0/16 to any
block in quick on hme0 from
192.0.2.0/24 to any
block in quick on hme0 from
204.152.64.0/23 to any
block in quick on hme0 from
224.0.0.0/3 to any
block in quick on hme0 from any
to 10.0.0.0/32
block in quick on hme0 from any
to 10.0.255.255/32
block in quick on hme0 from any
to 192.168.0.0/32
block in quick on hme0 from any
to 192.168.255.255/32
pass in quick on hme0 proto tcp
from any to 200.26.xx.zz port =
80 flags
S keep state
pass in quick on hme0 proto tcp
from any to 200.26.xx.zz port =
443 flags
S keep state
block in quick on hme0 all

block out quick on hme0 all

pass in log quick on hme1 proto
tcp/udp from 10.7.1.16 to 10.1.0.0/16 keep
state
block in quick on hme1 all

pass out log quick on hme1 proto
icmp from 10.7.1.1 to 10.7.1.0/24
icmp-type 8 keep state
block out quick on hme1 all

pass in log quick on hme2 proto
tcp from 10.86.0.0/16 to 10.7.1.16 port =
3389 flags S keep state
pass in log quick on hme2 proto
tcp from 10.86.0.0/16 to 10.1.15.6 port =
22 flags S keep state
pass in log quick on hme2 proto
icmp from 10.86.0.0/16 to 10.1.15.6
icmp-type 8 keep state
block in quick on hme2 all

pass out log quick on hme2 proto
icmp from 10.1.15.6 to any
icmp-type 8 keep state
pass out log quick on hme2 proto
udp from 10.1.15.6 to 10.1.10.1 port =
53 keep state
pass out log quick on hme2 proto
udp from 10.1.15.6 to 10.1.10.5 port =
53 keep state
block in quick all
block out quick all

--- Erik Huizing <erik.huizing@sjrb.ca> escribió:

> Sounds like it may also be syslog related. Can you
> send your syslog.conf also?
>
> -----Original Message-----
> From: owner-ipfilter@coombs.anu.edu.au
> [mailto:owner-ipfilter@coombs.anu.edu.au]On Behalf
> Of G. Roderick
> Singleton
> Sent: January 27, 2006 12:56 PM
> To: Sebastian Anzaldi
> Cc: ipfilter@coombs.anu.edu.au
> Subject: Re: Problem running ipmon under
> FreeBSD/Sparc64
>
>
> On Fri, 2006-01-27 at 16:09 -0300, Sebastian Anzaldi
> wrote:
> > I few days ago I asked the following question:
> >
> >
> > I've installed FreeBSD 5.4 for sparc64. IPFilter
> works
> > perfectly but when I add "log" to the rules set,
> ipmon
> > doesn't show anything:
> >
> > FirewallBSD# ipmon -o I
> >
> > Ipmon is up, but does not log any blocked or
> passed
> > packets.
>
> please post your rules.
>
> [snipped]
> --
> G. Roderick Singleton <gerry@pathtech.org>
> PATH tech
>
>

__________________________________________________ _________
1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
http://correo.yahoo.com.ar

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode