From owner-freebsd-ports Wed Nov 22 0: 0:13 2000 Delivered-To: freebsd-ports@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 33D2837B4D7 for ; Wed, 22 Nov 2000 00:00:05 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id AAA27674; Wed, 22 Nov 2000 00:00:05 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from david.siemens.de (david.siemens.de [192.35.17.14]) by hub.freebsd.org (Postfix) with ESMTP id E9BA237B4D7 for ; Tue, 21 Nov 2000 23:50:56 -0800 (PST) Received: from mail1.siemens.de (mail1.siemens.de [139.23.33.14]) by david.siemens.de (8.11.0/8.11.0) with ESMTP id eAM7otu14940 for ; Wed, 22 Nov 2000 08:50:55 +0100 (MET) Received: from curry.mchp.siemens.de (curry.mchp.siemens.de [139.25.42.7]) by mail1.siemens.de (8.11.0/8.11.0) with ESMTP id eAM7osQ03460 for ; Wed, 22 Nov 2000 08:50:55 +0100 (MET) Received: (from localhost) by curry.mchp.siemens.de (8.11.1/8.11.1) id eAM7os249887 for FreeBSD-gnats-submit@freebsd.org; Wed, 22 Nov 2000 08:50:54 +0100 (CET) Message-Id: <200011220750.eAM7osu72457@curry.mchp.siemens.de> Date: Wed, 22 Nov 2000 08:50:54 +0100 (CET) From: Andre Albsmeier To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: ports/23017: [PATCH] for arpwatch to log PID to syslog Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 23017 >Category: ports >Synopsis: [PATCH] for arpwatch to log PID to syslog >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Nov 22 00:00:01 PST 2000 >Closed-Date: >Last-Modified: >Originator: Andre Albsmeier >Release: FreeBSD 4.2-BETA i386 >Organization: >Environment: Systems running multiple arpwatch processes >Description: When arpwatch logs to syslog a typical entry can look like this: arpwatch: bogon 179.23.184.1 0:e0:a3:22:0:a0 When multiple instances of arpwatch are running on the same machine but on different ethernet cards, it is difficult to find out which arpwatch process has logged to syslog. >How-To-Repeat: I, for example, have a machine with three fxp cards. I am running: USER PID PPID VSZ RSS TT STARTED TIME COMMAND root 944 1 2372 1968 ?? 6:49AM 0:00.23 arpwatch -i fxp2 -f arp-fxp2.dat root 936 1 2372 1968 ?? 6:49AM 0:00.23 arpwatch -i fxp1 -f arp-fxp1.dat root 929 1 2368 1964 ?? 6:49AM 0:00.23 arpwatch -i fxp0 -f arp-fxp0.dat With the above syslog entry, it is very hard to determine on which of the three wires the bogon appeared and where I have to look for the user rip his head off :-) >Fix: A small patch makes the syslog message contain the pid: --- arpwatch.c.orig Sat Oct 14 04:07:35 2000 +++ arpwatch.c Wed Nov 22 08:40:40 2000 @@ -251,7 +251,7 @@ } } - openlog(prog, 0, LOG_DAEMON); + openlog(prog, LOG_PID, LOG_DAEMON); if (chdir(arpdir) < 0) { syslog(LOG_ERR, "chdir(%s): %m", arpdir); >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message