User's Manual

56 Chapter 3 IP Firewall Service
Log Example 1
Dec 12 13:08:16 ballch5 mach_kernel: ipfw: 65000 Unreach TCP 10.221.41.33:2190 192.168.12.12:80 in via en0
This entry shows that firewall service used rule 65000 to deny (unreach) the remote
client at 10.221.41.33:2190 from accessing server 192.168.12.12 on Web port 80 via
Ethernet port 0.
Log Example 2
Dec 12 13:20:15 mayalu6 mach_kernel: ipfw: 100 Accept TCP 10.221.41.33:721 192.168.12.12:515 in via en0
This entry shows that firewall service used rule 100 to allow the remote client at
10.221.41.33:721 to access the server 192.168.12.12 on the LPR printing port 515 via
Ethernet port 0.
Log Example 3
Dec 12 13:33:15 smithy2 mach_kernel: ipfw: 10 Accept TCP 192.168.12.12:49152 192.168.12.12:660 out via lo0
This entry shows that firewall service used rule 10 to send a packet to itself on port 660
via the loopback device 0.
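The three entries above share one layout: timestamp, host, rule number, action, protocol, source, destination, direction, and interface. The following Python parser is an added example, not part of the manual; its function names are hypothetical, it assumes each entry sits on a single line, and it treats "Deny" as a denied action alongside the "Unreach" shown on this page.

```python
import re
from collections import Counter

# Field layout taken from the three log examples on this page:
# <timestamp> <host> mach_kernel: ipfw: <rule> <action> <proto> <src> <dst> <in|out> via <iface>
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8})\s+(?P<host>\S+)\s+mach_kernel:\s+ipfw:\s+"
    r"(?P<rule>\d+)\s+(?P<action>\w+)\s+(?P<proto>\S+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+(?P<dst>[\d.]+):(?P<dport>\d+)\s+"
    r"(?P<dir>in|out)\s+via\s+(?P<iface>\S+)$"
)

# "Unreach" appears on this page; "Deny" is an assumption added for this example.
DENY_ACTIONS = {"Unreach", "Deny"}

# The page's three sample entries, each joined onto one line.
SAMPLE_LOG = """\
Dec 12 13:08:16 ballch5 mach_kernel: ipfw: 65000 Unreach TCP 10.221.41.33:2190 192.168.12.12:80 in via en0
Dec 12 13:20:15 mayalu6 mach_kernel: ipfw: 100 Accept TCP 10.221.41.33:721 192.168.12.12:515 in via en0
Dec 12 13:33:15 smithy2 mach_kernel: ipfw: 10 Accept TCP 192.168.12.12:49152 192.168.12.12:660 out via lo0
"""

def parse_line(line):
    """Return a dict of fields for one ipfw entry, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    for key in ("rule", "sport", "dport"):
        rec[key] = int(rec[key])
    return rec

def parse_log(text):
    """Parse every line, skipping lines that are not ipfw entries in this layout."""
    return [r for r in map(parse_line, text.splitlines()) if r]

def denied_by_source(records):
    """Count denied packets per (source address, destination port)."""
    return Counter((r["src"], r["dport"]) for r in records if r["action"] in DENY_ACTIONS)

if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for (src, dport), n in denied_by_source(recs).most_common():
        print(f"{n} denied from {src} to port {dport}")
```

Entries without address:port pairs do not match the pattern and are skipped rather than guessed at.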
Viewing Denied Packets
Viewing denied packets can help you identify problems and troubleshoot firewall
service.
To view denied packets:
1 In Server Admin, choose Firewall from the Computers & Services list.
2 Click Settings.
3 Select the Logging tab.
4 Make sure “Log denied packets” is checked.
5 View log entries in Server Admin by clicking Log.
Viewing Packets Logged by Filter Rules
Viewing filtered packets can help you identify problems and troubleshoot firewall
service.
To view filtered packets:
1 Turn on logging of filtered packets in the filter editing window.
See “Editing Advanced IP Filters” on page 54 if you have not turned on logging for a
particular filter.
2 To view log entries in Server Admin, choose Firewall from the Computers & Services list.
3 Click Log.
LL2351.Book Page 56 Monday, September 8, 2003 2:47 PM