From owner-freebsd-current Sat Jan 15 16:39:45 2000 Delivered-To: freebsd-current@freebsd.org Received: from ds.express.ru (ds.express.ru [212.24.32.7]) by hub.freebsd.org (Postfix) with ESMTP id 638E3150F5 for ; Sat, 15 Jan 2000 16:39:34 -0800 (PST) (envelope-from vova@express.ru) Received: from lanturn.kmost.express.ru ([212.24.37.109]) by ds.express.ru with esmtp (Exim 2.12 #8) id 129dii-0006Jk-00; Sun, 16 Jan 2000 03:39:04 +0300 Date: Sun, 16 Jan 2000 03:39:23 +0300 (MSK) From: "Vladimir B. Grebeschikov" X-Sender: vova@lanturn.kmost.express.ru To: Doug White Cc: current@FreeBSD.ORG Subject: Re: syslogd In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 15 Jan 2000, Doug White wrote: > > # log firewall messages ONLY in this file (noy in messages below) > > !!ipfw > > *.* /var/log/ipfw > > This is a bad example. ipfw messages come from the kernel so you can't > filter those. You are not right, man syslog.conf: ... Each block of lines is separated from the previous block by a tag. The tag is a line beginning with #!prog or !prog (the former is for compati- bility with the previous syslogd, if one is sharing syslog.conf files, for example) and each block will be associated with calls to syslog from > that specific program. A tag for ``foo'' will also match any message > logged by the kernel with the prefix ``foo: ''. ... it really works, try it > Doug White | FreeBSD: The Power to Serve > dwhite@resnet.uoregon.edu | www.FreeBSD.org -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message