Date:      Mon, 13 Apr 1998 18:46:05 -0700 (PDT)
From:      Archie Cobbs <archie@whistle.com>
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Subject:   bin/6292: syslogd cannot put kernel loggings into separate files
Message-ID:  <199804140146.SAA06474@bubba.whistle.com>


>Number:         6292
>Category:       bin
>Synopsis:       syslogd cannot put kernel loggings into separate files
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 13 18:50:01 PDT 1998
>Last-Modified:
>Originator:     Archie Cobbs
>Organization:
Whistle Communications, Inc.
>Release:        FreeBSD 2.2.6-RELEASE i386
>Environment:

	FreeBSD 2.2.6-RELEASE

>Description:

	Using syslogd, all messages logged by the kernel must go
	into a single file, whereas with user programs, you can
	"fork" output from different programs into different files,
	by using this construct in /etc/syslogd.conf:

	  !ftpd
	  *.*             /var/log/ftp
	  !ppp
	  *.*             /var/log/ppp.log

	My proposal is to allow this to work on messages from the
	kernel that have a "program" prefix, i.e., the message begins
	with alphanumerics followed by a colon character.

	Then you can do this:

	  !ipfw
	  *.*             /var/log/ipfw

	Since all ipfw rule matches are logged with the prefix "ipfw:"
	then they will all get sent to /var/log/ipfw instead of
	/var/log/messages.

	Admittedly, this is something of a hack.. but until someone
	comes up with a better system, this would be nice to have..

>How-To-Repeat:

	Match a logging ipfw rule. Watch the result go to
	/var/log/messages and get lost in the chaos.

>Fix:

Apply patch below to syslogd.c:

>Audit-Trail:
>Unformatted:
>From owner-freebsd-isp@freebsd.org Wed Mar 25 11:56:44 1998
From: Archie Cobbs <archie@whistle.com>
Message-Id: <199803251954.LAA15909@bubba.whistle.com>
Subject: Re: ipfw logging...
In-Reply-To: <35195EC2.4506F2DB@san.rr.com> from Studded at "Mar 25, 98 11:45:06 am"
To: Studded@san.rr.com (Studded)
Date: Wed, 25 Mar 1998 11:54:57 -0800 (PST)
Cc: isp@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL31 (25)]
Sender: owner-freebsd-isp@freebsd.org
X-Loop: FreeBSD.org

Studded writes:
> Archie Cobbs wrote:
> > Try adding this to /etc/syslog.conf:
> > 
> >   !ipfw
> >   *.*             /var/log/ipfw
> 
> 	This doesn't work. IPFW logs to the kernel facility, although I
> wouldn't mind seeing an option to change that. :)

Yeah.. we do this on the InterJet and I forgot it was a custom hack.
Try the following patch to syslogd.c and see if that helps. If so,
I'll file the patch in a send-pr bug.

-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com

*** syslogd.c	Mon Mar  9 05:56:07 1998
--- /usr/prod/ia/whistle/bin/syslogd/syslogd.c	Wed Nov 26 15:37:39 1997
***************
*** 537,544 ****
  	int c, pri, flags;
  	char *lp, *p, *q, line[MAXLINE + 1];
  
! 	(void)strcpy(line, bootfile);
! 	(void)strcat(line, ": ");
  	lp = line + strlen(line);
  	for (p = msg; *p != '\0'; ) {
  		flags = SYNC_FILE | ADDDATE;	/* fsync file after write */
--- 464,477 ----
  	int c, pri, flags;
  	char *lp, *p, *q, line[MAXLINE + 1];
  
! 	/* See if kernel has provided a "program" prefix already */
! 	for (p = msg; *p && isalnum(*p); p++);
! 	if (*p == ':' && (p - msg) < MAXLINE) {
! 		*line = 0;			/* Use kernel's prefix */
! 	} else {
! 		(void)strcpy(line, bootfile);	/* Prefix with bootfile name */
! 		(void)strcat(line, ": ");
! 	}
  	lp = line + strlen(line);
  	for (p = msg; *p != '\0'; ) {
  		flags = SYNC_FILE | ADDDATE;	/* fsync file after write */
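
Review bot: In the added prefix scan, `isalnum(*p)` receives a plain `char`, which is undefined for negative values, and the `*p == ':'` test also succeeds when the loop consumed nothing, so a message beginning with ':' is treated as already carrying a program prefix. Suggest `isalnum((unsigned char)*p)` and adding `p > msg` to the condition. The `(p - msg) < MAXLINE` bound guards no copy in this hunk, since `line` is simply emptied on that branch, so it can be dropped or replaced by a limit on the prefix length that is actually meaningful for a program name. The decision is also taken once, before the `for (p = msg; ...)` loop, so if a single call carries more than one line they all follow the first line's result; moving the test inside the loop would make it per line. Since the file a kernel message lands in now depends on the message text, the new behaviour deserves a sentence in the syslog.conf documentation, and the empty `for` body would read better with the `;` on its own line.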


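The prefix rule from the Description (a run of alphanumerics followed by a colon), written as a standalone check with the empty-name, signed-char and over-long cases handled. This is an added example, not code from syslogd.c or from the patch author; the helper names, the 32-byte buffer and the sample lines are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy a leading "name:" prefix's name into prog.
 * Returns 1 on success, 0 if there is no prefix or it does not fit. */
static int
kernel_prog_prefix(const char *msg, char *prog, size_t proglen)
{
	const char *p = msg;
	size_t n;

	/* Cast: a negative plain char passed to isalnum() is undefined. */
	while (isalnum((unsigned char)*p))
		p++;
	n = (size_t)(p - msg);
	if (n == 0 || *p != ':')	/* empty name or no colon: not a prefix */
		return 0;
	if (n >= proglen)		/* refuse rather than truncate the name */
		return 0;
	memcpy(prog, msg, n);
	prog[n] = '\0';
	return 1;
}

/* Would a "!want" block select this kernel line? */
static int
matches_program_block(const char *msg, const char *want)
{
	char prog[32];	/* size is an assumption for this example */

	return kernel_prog_prefix(msg, prog, sizeof(prog)) &&
	    strcmp(prog, want) == 0;
}

int
main(void)
{
	/* Constructed sample lines, not captured kernel output. */
	const char *s[] = { "ipfw: 100 Deny TCP", ": no name", "ipfw 100" };
	size_t i;

	for (i = 0; i < sizeof(s) / sizeof(s[0]); i++)
		printf("%-20s -> %d\n", s[i], matches_program_block(s[i], "ipfw"));
	return 0;
}
```

Rejecting an over-long name instead of truncating it keeps a line tagged `ipfwd:` from being filed under a shorter block name such as `ipfw`.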