Subject: Re: ip filter and logging
To: Darren Reed <email@example.com>
From: Andrew Brown <firstname.lastname@example.org>
Date: 04/13/2000 10:00:20
>> fwiw - i also find that with default pass and only "log" (ie, no
>> "pass", "block", or "count" lines) lines in my ipf.conf, my machine
>> becomes unreachable. is perhaps the "log" action short for "block
>Not quite. But if you do:
>log in blah
>then it's not a "pass" so how can it be pass'd ? I do recall there being
>a bug related to that which got fixed in 3.3.
based on this paragraph
log causes the packet to be logged (as described in the
LOGGING section below) and has no effect on whether
the packet will be allowed through the filter.
i assumed (wrongly, i guess) that log lines were similar to count
lines and that the default pass would still allow all packets through.
similarly, "count" is not a "pass", but it does. :)
|-----< "CODE WARRIOR" >-----|
email@example.com * "ah! i see you have the internet
firstname.lastname@example.org (Andrew Brown) that goes *ping*!"
email@example.com * "information is power -- share the wealth."