From owner-freebsd-jail@freebsd.org Tue Feb 12 08:35:11 2019 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D8E4C14DC528 for ; Tue, 12 Feb 2019 08:35:11 +0000 (UTC) (envelope-from srs0=cpp7=qt=vega.codepro.be=kp@codepro.be) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 4C584802FF for ; Tue, 12 Feb 2019 08:35:11 +0000 (UTC) (envelope-from srs0=cpp7=qt=vega.codepro.be=kp@codepro.be) Received: by mailman.ysv.freebsd.org (Postfix) id 0AF9514DC525; Tue, 12 Feb 2019 08:35:11 +0000 (UTC) Delivered-To: jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EAE2A14DC524 for ; Tue, 12 Feb 2019 08:35:10 +0000 (UTC) (envelope-from srs0=cpp7=qt=vega.codepro.be=kp@codepro.be) Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.codepro.be", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 865DE802FC for ; Tue, 12 Feb 2019 08:35:10 +0000 (UTC) (envelope-from srs0=cpp7=qt=vega.codepro.be=kp@codepro.be) Received: from vega.codepro.be (unknown [172.16.1.3]) by venus.codepro.be (Postfix) with ESMTP id 7C1C9F926; Tue, 12 Feb 2019 09:35:08 +0100 (CET) Received: by vega.codepro.be (Postfix, from userid 1001) id 76F8B2B82C; Tue, 12 Feb 2019 09:35:08 +0100 (CET) Date: Tue, 12 Feb 2019 09:35:08 +0100 From: Kristof Provost To: "Rudy (bulk address)" Cc: jail@freebsd.org Subject: Re: "ipfw log" messages from jail show in host syslog Message-ID: <20190212083508.GG8450@vega.codepro.be> References: <2331cedc410f2123b2a0e142f81bf92e.squirrel@mail.monkeybrains.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <2331cedc410f2123b2a0e142f81bf92e.squirrel@mail.monkeybrains.net> X-Checked-By-NSA: Probably User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: 865DE802FC X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.98 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.98)[-0.982,0]; REPLY(-4.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Feb 2019 08:35:12 -0000 On 2019-02-11 22:37:07 (-0800), Rudy (bulk address) wrote: > I've switched to VNET (love it) in jails. Neat, you an have ipfw running > in your jail! > > I added some log lines to test it out and was a bit confused when > /var/log/security wasn't showing the log lines. Turns out, the kernel is > grabbing them and logging in the host and not the chrooted environment. > > Bug? Feature? :) > "Known limitation", I think[*]. >From a quick look at the ipfw log code it appears to simply write the logging information to the kernel log, which is not a per-jail things. I don't expect this to be easy to change either. Regards, Kristof [*] Not an ipfw maintainer. Warranty void where prohibited. Do not feed after midnight.