Re: What's wrong with ipmon?

[herbert langhans <herbert.raimund%langhans.com.pl@localhost>]

On Mon, May 14, 2012 at 11:09:28AM +0200, Manuel Bouyer wrote:
> On Mon, May 14, 2012 at 11:06:17AM +0200, herbert langhans wrote:
> > It definitely has is on (no # ahead)- it spits out:
> > ...
> > options         IPFILTER_LOG    # ipmon(8) log support
> > ...
> > 
> > (quite adventurous, these kernel options)
> > 
> > There should be everything right for the ip-logging. I really wonder if
> > its not a bug in 5.1 ... What else could be wrong?
> 
> I guess you properly used 'log' in your ipf rules ?
> I've been using ipf on 5.1-ish systems, and logging is working ...
> 
> -- 
> Manuel Bouyer <bouyer%antioche.eu.org@localhost>
>      NetBSD: 26 ans d'experience feront toujours la difference
> --

You guessed wrong. I thought it says at least anything by default!

Now I assigned (in ipf.conf) some lines like this:
block out log on nfe0 from manul to 62.213.199.236
There is 'log' now in the line what hasn't been there before.

But do I have to modify syslog.conf as well? I googled that there has to be
something like:
local0.*        /var/log/ipflog.log

Or is is enough to have in /etc/rc.d:
ipfilter=YES
ipmon=YES

Thanks, I think I am already close to the solution!
herb langhans

-- 
sprachtraining langhans
herbert langhans, warschau
herbert.raimund[at]gmx.net
herbert[at]langhans.com.pl
http://www.langhans.com.pl
+0048 603 341 441

| jabber:herbs
| icq:414500866
| yahoo_im:herbert.raimund