Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 28 May 2003 22:14:19 +0200
From:      "Simon L. Nielsen" <simon@nitro.dk>
To:        Erik Paulsen Sk?lerud <erik@pentadon.com>, security@freebsd.org
Subject:   Re: FW: Question about logging.
Message-ID:  <20030528201417.GA3741@nitro.dk>
In-Reply-To: <20030528200431.GA1676@straylight.oblivion.bg>
References:  <20030528174703.GW90377@numachi.com> <007d01c32543$94c3c3c0$0a00000a@yes.no> <20030528183624.GC1981@nitro.dk> <20030528200431.GA1676@straylight.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help 

--X1bOJ3K7DJ5YkBrT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2003.05.28 23:04:32 +0300, Peter Pentchev wrote:
> On Wed, May 28, 2003 at 08:36:24PM +0200, Simon L. Nielsen wrote:
> > On 2003.05.28 20:04:28 +0200, Erik Paulsen Sk?lerud wrote:
> >=20
> > > Yeah, I've gotten that far. But, how can I explicity -only- filter ou=
t ipfw
> > > messages from the default console output? Looks like the only way is =
to
> > > remove kern.debug :(
> >=20
> > I think you can use something like this in syslog.conf (untested) :
> >=20
> > !-ipfw
> > *.err;kern.debug;auth.notice;mail.crit          /dev/console
>=20
> This would match log entries generated by a userland application named
> 'ipfw'.  The ipfw log lines are, however, generated by the *kernel*, and
> they would never match this rule.

Ehh, I have the following in my syslog.conf, and it works just fine :

!ipfw
*.*                                             /var/log/ipfw.log

I only get lines like :
May 20 02:16:28 arthur /kernel: ipfw: 65300 Deny UDP 192.168.3.2:53 192.168=
=2E2.3:49239 in via xl0
in var/log/ipfw.log

I guess it shouldn't work, but it does :-)

--=20
Simon L. Nielsen

--X1bOJ3K7DJ5YkBrT
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQE+1RiZ8kocFXgPTRwRAnGuAKCnfMhCFr9IO9rOhn14D6L5bCtt3ACeIHXS
5G9VYTUFbHhBoNHkcsMa6jc=
=DWxE
-----END PGP SIGNATURE-----

--X1bOJ3K7DJ5YkBrT--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030528201417.GA3741>