Date: Wed, 14 Oct 1998 14:31:46 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: mike@seidata.com, "N. N.M" <madrapour@hotmail.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Again logging! Message-ID: <3.0.3.32.19981014143146.0105ff00@207.227.119.2> In-Reply-To: <Pine.BSF.4.05.9810141120260.16462-100000@ns1.seidata.com> References: <19981014142006.22104.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:26 AM 10/14/98 -0400, mike@seidata.com wrote: >On Wed, 14 Oct 1998, N. N.M wrote: > >> 1- I installed TCP Wrapper in the way that I moved the real daemons to >> another directory and copied "tcpd" instead of real daemons. I don't >> know how I can get it's logs. I add a line to log the messages from >> "tcpd" to a file. But it didn't work. > >Default install dumps to /var/log/messages for me - what do you mean >by 'get it's logs'? Yes, but the facility is LOG_AUTH if you use the port. The original source uses LOG_MAIL for some odd reason. Either way it should be logged in messages with the original install's syslog.conf, which lumps it in with other daemons. Personally I change patch-aa to use LOG_LOCAL7 and in syslog.conf I direct local7.* to /var/log/tcpd, which IMO should have a logfile to itself. Then again I like to break things down more than the original syslog.conf does, which makes it easier to sift out the chaff. If you are not familiar with the diff's, it would be better to 'make patch', edit the Makefile, then 'make' and 'make install' (or just 'make install'). Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19981014143146.0105ff00>