Date: Wed, 28 May 2003 23:10:39 +0200 From: "Simon L. Nielsen" <simon@nitro.dk> To: "Taras Y. NIZHNIK" <taren@el.ntu-kpi.kiev.ua> Cc: security@freebsd.org Subject: Re: FW: Question about logging. Message-ID: <20030528211038.GB3741@nitro.dk> In-Reply-To: <20030528233144.R52694-100000@doppelganger.el.ntu-kpi.kiev.ua> References: <20030528201417.GA3741@nitro.dk> <20030528233144.R52694-100000@doppelganger.el.ntu-kpi.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
--s2ZSL+KKDSLx8OML Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.05.28 23:39:54 +0300, Taras Y. NIZHNIK wrote: > On Wed, 28 May 2003, Simon L. Nielsen wrote: > > > This would match log entries generated by a userland application named > > > 'ipfw'. The ipfw log lines are, however, generated by the *kernel*, = and > > > they would never match this rule. > > Ehh, I have the following in my syslog.conf, and it works just fine : > > > > !ipfw > > *.* /var/log/ipfw.log > > > > I only get lines like : > > May 20 02:16:28 arthur /kernel: ipfw: 65300 Deny UDP 192.168.3.2:53 192= =2E168.2.3:49239 in via xl0 > > in var/log/ipfw.log > > > > I guess it shouldn't work, but it does :-) > Why do you think it should not? Actually only bacuse Peter Pentchev said it shouldn't, and I didn't read the manual page carefully enough before posting. Thanks for correcting me. --=20 Simon L. Nielsen --s2ZSL+KKDSLx8OML Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+1SXO8kocFXgPTRwRAvg5AJ4q63RL7epCHmiLxoT9Nnc7zkbYhACglzEx fIGgywOgplHdmbTNEXDcC/Y= =qMz+ -----END PGP SIGNATURE----- --s2ZSL+KKDSLx8OML--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030528211038.GB3741>