Date: Wed, 28 May 2003 23:04:32 +0300 From: Peter Pentchev <roam@ringlet.net> To: "Simon L. Nielsen" <simon@nitro.dk> Cc: security@freebsd.org Subject: Re: FW: Question about logging. Message-ID: <20030528200431.GA1676@straylight.oblivion.bg> In-Reply-To: <20030528183624.GC1981@nitro.dk> References: <20030528174703.GW90377@numachi.com> <007d01c32543$94c3c3c0$0a00000a@yes.no> <20030528183624.GC1981@nitro.dk>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Wed, May 28, 2003 at 08:36:24PM +0200, Simon L. Nielsen wrote: > On 2003.05.28 20:04:28 +0200, Erik Paulsen Sk?lerud wrote: > > > Yeah, I've gotten that far. But, how can I explicity -only- filter out ipfw > > messages from the default console output? Looks like the only way is to > > remove kern.debug :( > > I think you can use something like this in syslog.conf (untested) : > > !-ipfw > *.err;kern.debug;auth.notice;mail.crit /dev/console This would match log entries generated by a userland application named 'ipfw'. The ipfw log lines are, however, generated by the *kernel*, and they would never match this rule. > Or something along those lines... Logging kern.security to a separate file should be enough, I think? Never tried it, though. > Try looking at syslog.conf(5), it does explain a lot. Yep, that too :) G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This would easier understand fewer had omitted. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+1RZP7Ri2jRYZRVMRAtQKAKCkT2E2q+Z5Gl92aN0rNqcPw8qU1ACgv5fr vMcgFAQo4AOmDH/AwQVA1kc= =3FMT -----END PGP SIGNATURE-----help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030528200431.GA1676>