Date: Sat, 14 May 2005 16:20:10 +0200 (CEST) From: "Per Berger" <freebsd@stortsett.se> To: fbsd_user@a1poweruser.com Cc: FreeBSD questions <freebsd-questions@freebsd.org> Subject: RE: ipfilter and logging... Message-ID: <62310.192.168.214.1.1116080410.squirrel@kalle.stortsett.local> In-Reply-To: <MIEPLLIBMLEEABPDBIEGAENDHEAA.fbsd_user@a1poweruser.com> References: <4285EEDF.4070902@stortsett.se> <MIEPLLIBMLEEABPDBIEGAENDHEAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On L=F6, 2005-05-14, 15:00, fbsd_user skrev: > > add security.none to the line for /var/log/messages file to stop > ipfilter from logging to that file. > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Per Berger > Sent: Saturday, May 14, 2005 8:28 AM > To: FreeBSD questions > Subject: ipfilter and logging... > > > Hi! > > So I've installed ipfilter and ipnat with help from the handbook. It > works great so now my box is connected to my ADSL connection. > > But... (there is always a but...) > > I am confused regarding logging. The handbook says that I can add > "security.*" in syslog.conf and specify a logfile to log the > firewall. > But there is already an entry in syslog.conf "security.*" from > install ( > I am running 5.4-RELEASE upgraded from 5.3 via cvsup (which worked > great > btw...)) pointing at /var/log/security. And all logging goes to > /var/log/security. But at least some of it goes also to > /var/log/messages; seems to be the "final" rules that goes there, > i.e. > such as "block in log first quick on fxp0 all". > > My syslog.conf looks like this: > > " > ... > *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err > /var/log/messages > security.* /var/log/security > ... > " > > (sorry for truncation, hope you get the picture...) > > Now for my question. I do really want a separate log file for > ipfilter. > How would a change syslog.conf to separate out the ipfilter logs > from > the rest without breaking any other logging? Or, at least, how do I > change the line for /var/log/messages so that no ipfilter stuff goes > there without breaking something else? > > Sorry if this is obvious stuff but I've searched for the answer but > is > only getting more confused the more I search... > > > -- > Per Berger > > _ > ASCII ribbon campaign > ( ) > - against HTML, vCards and > X > - proprietary attachments in e-mail > / \ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > Thanks! That did it! /Per --=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?62310.192.168.214.1.1116080410.squirrel>