• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How to controlling ipfw log using sysctl variables
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to controlling ipfw log using sysctl variables

  • Subject: Re: How to controlling ipfw log using sysctl variables
  • From: Axel Luttgens <email@hidden>
  • Date: Tue, 30 Jun 2009 16:57:55 +0200
Le 29 juin 09 à 09:41, rajesh mishra a écrit :

I am new to Mac OS X.Can you tell me which mail list would
be appropriate for this kind of problem?

Regards
Rajesh.


Hello Rajesh,

You could have a look at, for example:
	http://lists.apple.com/mailman/listinfo/
	http://discussions.apple.com/index.jspa
	http://www.afp548.com/forum/index.php
	http://forums.macosxhints.com/


On Sun, Jun 28, 2009 at 6:03 AM, Finlay Dobbie <email@hidden >wrote:

Firstly, this has nothing to do with Darwin.

Secondly, the Leopard application-level firewall is not based on ipfw.

-- Finlay

On Fri, Jun 26, 2009 at 9:55 AM, rajesh mishra<email@hidden> wrote: 
Hi All,
I have set System Preference -> Security -> Firewall -> Advanced ->
Enable 
Firewall Logging to false.
And system variable net.inet.ip.fw.verbose to 2.

Note that this is a Mac OS X "special" value, requiring the in-kernel ipfw to log through the kev_post_msg() function after removal of the ipfw: prefix. At the other end of the chain, this will end in log messages sent with a facility LOG_LOCAL0.


But I am not getting the
ipfw logging to /var/log/appfirewall.log in Leopard (Mac OS X 10.5.4).

Does any body know why I am not getting loggs?
Is there any thing else hidden in Leopard (Mac OS X 10.5.4), which
controls
the IPFW logging?

Unless I'm wrong, this should be the job of /usr/libexec/ ApplicationFirewall/appfwloggerd: to filter the ipfw messages ultimately have them written to /var/log/ipfw.log.
The problem is that appfwloggerd seems to be compiled so as to make use of a facility of... LOG_LOCAL0 as well, instead of LOG_LOCAL1 as expected by /etc/syslog.conf.

Looks like there's a bug somewhere... ;-)

The source code of appfwloggerd hasn't been made public, but that daemon looks very close to ipfwloggerd that shipped with Tiger. For what it is worth, I thus quickly tried to compile the latter from project "FirewallTool-18" after having changed LOG_LOCAL0 into LOG_LOCAL1 and it seemed to work.

Now, the real question is: why exactly do you want to have those messages written to /var/log/ipfw.log? Isn't it sufficient for your needs to have them into /var/log/appfirewall.log?

HTH,
Axel _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >How to controlling ipfw log using sysctl variables (From: rajesh mishra <email@hidden>)


 >Re: How to controlling ipfw log using sysctl variables (From: Finlay Dobbie <email@hidden>)


 >Re: How to controlling ipfw log using sysctl variables (From: rajesh mishra <email@hidden>)






    

  • Prev by Date:
Re: Serial device open(2) hang.

    • 

  • Previous by thread:
Re: How to controlling ipfw log using sysctl variables

    • 

  • Next by thread:
Serial device open(2) hang.

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •