From owner-freebsd-security@FreeBSD.ORG  Wed May 28 10:47:05 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D8D6537B405
	for <security@freebsd.org>; Wed, 28 May 2003 10:47:05 -0700 (PDT)
Received: from natto.numachi.com (natto.numachi.com [198.175.254.216])
	by mx1.FreeBSD.org (Postfix) with SMTP id B97A043F3F
	for <security@freebsd.org>; Wed, 28 May 2003 10:47:04 -0700 (PDT)
	(envelope-from reichert@numachi.com)
Received: (qmail 8762 invoked by uid 1001); 28 May 2003 17:47:03 -0000
Date: Wed, 28 May 2003 13:47:03 -0400
From: Brian Reichert <reichert@numachi.com>
To: Erik Paulsen =?unknown-8bit?Q?Sk=E5lerud?= <erik@pentadon.com>
Message-ID: <20030528174703.GW90377@numachi.com>
References: <005d01c32540$6f0b1dc0$0a00000a@yes.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=unknown-8bit
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <005d01c32540$6f0b1dc0$0a00000a@yes.no>
User-Agent: Mutt/1.4i
cc: security@freebsd.org
Subject: Re: FW: Question about logging.
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 May 2003 17:47:06 -0000

On Wed, May 28, 2003 at 07:41:56PM +0200, Erik Paulsen Skålerud wrote:
> I'm forwarding this to security@, as I'm getting no replies on ipfw@.
> 
> Hope it's relevant enough for you :(
> 
> ---Original Message-----
> From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org]
> On Behalf Of Erik Paulsen Skålerud
> Sent: Wednesday, May 28, 2003 1:02 AM
> To: ipfw@freebsd.org
> Subject: Question about logging.
> 
> 
> Sorry for asking this, It's probably been asked before, but I've searched
> google for a while now with no results :( I'm wondering if it's possible to
> restrict ipfw to -only- log to /var/log/ipfw.log ? Seems like the only way
> to remove ipfw-logging from the console output (dmesg) is to disable the
> security messages to the console.. Is there really no other way?

It says right in the mapagfe for ipfw(8):

  When a packet matches a rule with the log keyword, a message will
  be logged to syslogd(8) with a LOG_SECURITY facility.

So, unless you modify ipfw iteslf, you get to tune your syslogd.conf
file.

> 
> Thanks, erik.
> 

-- 
Brian 'you Bastard' Reichert		<reichert@numachi.com>
37 Crystal Ave. #303			Daytime number: (603) 434-6842
Derry NH 03038-1713 USA			BSD admin/developer at large