Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 Nov 2000 08:50:54 +0100 (CET)
From:      Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   ports/23017: [PATCH] for arpwatch to log PID to syslog
Message-ID:  <200011220750.eAM7osu72457@curry.mchp.siemens.de>
next in thread | raw e-mail | index | archive | help 

>Number:         23017
>Category:       ports
>Synopsis:       [PATCH] for arpwatch to log PID to syslog
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Nov 22 00:00:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     Andre Albsmeier
>Release:        FreeBSD 4.2-BETA i386
>Organization:
>Environment:

Systems running multiple arpwatch processes

>Description:

When arpwatch logs to syslog a typical entry can look like this:

arpwatch: bogon 179.23.184.1 0:e0:a3:22:0:a0

When multiple instances of arpwatch are running on the same machine
but on different ethernet cards, it is difficult to find out which
arpwatch process has logged to syslog.

>How-To-Repeat:

I, for example, have a machine with three fxp cards. I am running:

USER     PID  PPID   VSZ  RSS  TT  STARTED      TIME COMMAND
root     944     1  2372 1968  ??   6:49AM   0:00.23 arpwatch -i fxp2 -f arp-fxp2.dat
root     936     1  2372 1968  ??   6:49AM   0:00.23 arpwatch -i fxp1 -f arp-fxp1.dat
root     929     1  2368 1964  ??   6:49AM   0:00.23 arpwatch -i fxp0 -f arp-fxp0.dat

With the above syslog entry, it is very hard to determine on which of
the three wires the bogon appeared and where I have to look for the
user rip his head off :-)

>Fix:

A small patch makes the syslog message contain the pid:

--- arpwatch.c.orig	Sat Oct 14 04:07:35 2000
+++ arpwatch.c	Wed Nov 22 08:40:40 2000
@@ -251,7 +251,7 @@
 		}
 	}
 
-	openlog(prog, 0, LOG_DAEMON);
+	openlog(prog, LOG_PID, LOG_DAEMON);
 
 	if (chdir(arpdir) < 0) {
 		syslog(LOG_ERR, "chdir(%s): %m", arpdir);

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011220750.eAM7osu72457>