From owner-freebsd-questions  Sat Nov  6 15:42:24 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207])
	by hub.freebsd.org (Postfix) with ESMTP id 1E9CE14E17
	for <freebsd-questions@FreeBSD.ORG>; Sat,  6 Nov 1999 15:42:21 -0800 (PST)
	(envelope-from cjc@cc942873-a.ewndsr1.nj.home.com)
Received: (from cjc@localhost)
	by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.9.3) id SAA33347;
	Sat, 6 Nov 1999 18:45:50 -0500 (EST)
	(envelope-from cjc)
From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
Message-Id: <199911062345.SAA33347@cc942873-a.ewndsr1.nj.home.com>
Subject: Re: Logging inetd and all connections/failures
In-Reply-To: <87hfiza18j.fsf@main.wgaf.net> from Arcady Genkin at "Nov 6, 1999 02:06:36 pm"
To: a.genkin@utoronto.ca (Arcady Genkin)
Date: Sat, 6 Nov 1999 18:45:50 -0500 (EST)
Cc: freebsd-questions@FreeBSD.ORG
Reply-To: cjclark@home.com
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Arcady Genkin wrote,
> Trying to make inetd and syslog log every connection attempt, I have
> added to my rc.conf.local:
> 
> inetd_flags="-lwW"
> log_in_vain="YES"

Usually you add this type of thing to rc.conf, but rc.conf.local
should work too.

> However, neither successful nor unccessful telnet connections are
> logged. 

You did reboot if you only made changes to rc.conf.local, right? If
you do,

% ps aux | grep inetd

What do you get? It should have the flags that you indicated.

> Neither are pings and alike. syslogd and inetd are running.

I believe inetd will only log connection attempts for ports on which it
is listening. Since it is only listening for TCP and UDP connections,
ICMP, like ping, will never be seen by inetd.

> What's missing?

What does your syslog.conf look like? inetd uses the 'daemon' facility
when generating messages. In the default syslog.conf, you will get
'notice' and above messages to /var/log/messages. A _very_ quick
glance at the source makes me think the logging of connections occurs
at the 'info' level. You will need to modify syslog.conf.
-- 
Crist J. Clark                           cjclark@home.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message