site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:in-reply-to:references :mime-version:content-type:message-id:cc:content-transfer-encoding :from:subject:date:to:x-mailer; bh=8nrQ8BDJtb+Rp2++fIc6pGz5sWNgnjmpi2r0tD4N2xc=; b=DXwMxbkyT1s48Y8vulpKKngo+iBoe9p0szW7eT0wvE2+lQ529V1aYXwyGck6bZrQ84 YNBjnYxxtQTPuFyTcpVj3dCNbdnQ9vQhAG0gaHHQBfj87vzegEr2tVwpZy+kzzusup7g 0ozx/1xWVYVP3FY7b1s4NpS/muO0z9S3hYsEE= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=in-reply-to:references:mime-version:content-type:message-id:cc :content-transfer-encoding:from:subject:date:to:x-mailer; b=kUufL8zostE1I9TJbdfJHOx64aeOzxppc9QyH1/8Day7xvHmE9ajXrT/5JiaoZ5ORq Z54BsVe/DIG6NMkI3BqYEnr8xrUeoj4vNt00IO37s/zQre5/8eJfiEjy/nThWOE0O2Wg of4fgkZzxcrOprU2TGMUPdgVeIleXeDur238w= On Dec 24, 2008, at 5:02 PM, Jeremy wrote: vs. ipfw has been integrated into the xnu kernel as far as I know. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... Trying to find the source for the implementation of ipfw included in OS X 10.5. Specifically I'm trying to find out what syslog facility ipfw is supposed to log to. The manpage for ipfirewall(4) states that it logs to LOG_SECURITY, as does the code in ip_fw2.c from the FreeBSD site (http:// www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_fw2.c). According to /usr/include/sys/syslog.h the LOG_SECURITY facility is aliased to LOG_AUTH, so messages should be available there. However, none of the above information seems to match reality. When net.inet.ip.fw.verbose is set to 1 then ipfw messages are sent to the facility LOG_KERN at the debug level. When net.inet.ip.fw.verbose is set to 2 then ipfw messages are sent to / var/appfirewall.log in a slightly non-standard format. Example: "Dec 15 13:55:17 hostname Firewall73: 65534 Deny TCP x.x.x.x:51182 x.x.x.x:9 in via en0" "Dec 15 12:25:18 hostname kernel[0]: ipfw: 65534 Deny TCP x.x.x.x: 45768 x.x.x.x:1002 in via en0" So it appears that the source on the FreeBSD site is not that which is in use in OS X. Does anyone know where the actual in use ipfw source can be acquired? This email sent to site_archiver@lists.apple.com