[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Logging problems with ipf-ruleset.

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Logging problems with ipf-ruleset.
From: Edvard Fagerholm <edvard_(_dot_)_fagerholm_(_at_)_pp_(_dot_)_fi>
Date: Mon, 02 Oct 2000 18:33:53 +0000

Camiel Dobbelaar wrote:
> 
> Ok, disregard my previous post. You seem to be using 'fastroute'. Isn't
> 'dup-to' more appropriate?
> 
> --
> Cam
> 
> > OK, this is my first transparent fw I've tried ipf with. The problem
> > with this ruleset is that only packets heading to 212.xxx.xxx.8 |
> > 212.xxx.xxx.15 get logged (or sent to the ne3 interface). I'd like to
> > get everything logged...

Ok, I tried using 'dup-to' instead of 'to', but no help.

On Darren's ipf page there's an example:
block in quick to qe3:packetlog proto tcp all with short

If I change this to:
block in quick to ne3 proto tcp all

I get the error: "unexpected keyword (to) - from"
Changing 'to ne3' to 'to ne3:192.168.1.2' doesn't help either.

Could this be an issue with the old ipf version, as the version that
comes with OpenBSD 2.7 is quite old (3.3.13). I don't want to upgrade
just no notice it didn't help as my fw only has 200mb of hd and it's
quite a mess trying to compile anything on it.

Also doing a 'to xxX:whatever', does it change the destination address
of the ip-layer, or is it only for determining the destination
HWaddress?

Regards
Edvard Fagerholm

Prev by Date: ipf question
Next by Date: Kernel dropping packets
Previous by thread: Re: Logging problems with ipf-ruleset.
Next by thread: Re: Logging problems with ipf-ruleset.
Index(es):
- Date
- Thread

Visit your host, monkey.org