From owner-freebsd-questions  Tue Aug 20 14:14:15 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D563B37B400
	for <freebsd-questions@FreeBSD.ORG>; Tue, 20 Aug 2002 14:14:12 -0700 (PDT)
Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5AB4643E72
	for <freebsd-questions@FreeBSD.ORG>; Tue, 20 Aug 2002 14:14:11 -0700 (PDT)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Received: from localhost (localhost [127.0.0.1])
	by cactus.fi.uba.ar (8.11.6/8.11.6) with ESMTP id g7KLCaX91437;
	Tue, 20 Aug 2002 18:12:36 -0300 (ART)
	(envelope-from fgleiser@cactus.fi.uba.ar)
Date: Tue, 20 Aug 2002 18:12:36 -0300 (ART)
From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar>
X-X-Sender:  <fgleiser@localhost>
To: "Michael J. Turner" <mike@inethouston.net>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: Re: IPMON
In-Reply-To: <00f701c24886$8f3aad00$f100a8c0@rns02>
Message-ID: <20020820180505.C89578-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

<nettiquette>

Please, Dont be impatient. Sending the same post twice in 20 minutes won't
get you more answers. Send the mail, wait for a day, and then, if you didn't
get an answer, try again

</nettiquette>


On Tue, 20 Aug 2002, Michael J. Turner wrote:

> Hi im trying to get ipmon to start logging. Im running
>
> 4.5-STABLE FreeBSD.
>
> I have ipf in my kernel via
> options         IPFILTER                #ipfilter support
> options         IPFILTER_LOG        #ipfilter logging
>
> and i have it enabled via
> enable_ipmon="YES"

What flags are you using to run ipmon? look at ipmon_flags in
/etc/defaults/rc.conf

If you want ipmon to use syslog, set ipmon_flags to "-D -s" or if you prefer
to log to a file, set it to "-D /var/log/ipf.log"


			Fer
>
> in syslog.conf i have
> Local0.*                                        /var/log/ipf.log
> Local1.*                                        /var/log/ipf.log
> security.*                                      /var/log/ipf.log
>
> The file ipf.log does exisit in /var/log.
> I've tried killing syslogd and all sorts of stuff.
> Im even loging things such as AIM, port 80,
> and my denys, which should make a big log fast.
> Yet i havent seen a log yet. Any ideas?
>
>
>
>
>
> Michael mike@inethouston.net
> <RainTree Network Services>
>
> h4x0r3d.
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message