From owner-freebsd-ipfw@FreeBSD.ORG Mon May 12 06:36:58 2014 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA3D2818 for ; Mon, 12 May 2014 06:36:58 +0000 (UTC) Received: from mail-wg0-x22a.google.com (mail-wg0-x22a.google.com [IPv6:2a00:1450:400c:c00::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 68ECF2EE7 for ; Mon, 12 May 2014 06:36:58 +0000 (UTC) Received: by mail-wg0-f42.google.com with SMTP id y10so6264262wgg.25 for ; Sun, 11 May 2014 23:36:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=c6fb+30T2t83QmJk7Nn5Fh3GwPL6Uwam+O800D+bl2o=; b=oP3p/L6+zsorI5sDczqaADu0AodImb2mTebqy8oT9vD4GGw2Aw9vRNHEcYI1oYbGHm 6KooBNiPv6ZqbrBlQ6i2m8kJvt5kxVJdvww3DGc7NLwJ5UTjkRiCzmRA1NV3HNCHA3ZK juMabV7k8WcIpyob79pVHE/2HM2UeR6DLVzY/LsTPSaedAb4Vyn0FoCtN0dpBFA3Aty+ Lac0mAibHEyASV//bQzeM2cLxjAM9AmoHw0YaVpSXbNiHDfZAijw5uUQ1Pxh/t6roWMx AAATHfrr0jBe/Kwwj3r8acGEUTH1ssP9LkVL7Ytc7m0+NMjx07QfJYYcIhkFS5WOf/Ne gODQ== MIME-Version: 1.0 X-Received: by 10.180.218.35 with SMTP id pd3mr13927533wic.26.1399876616581; Sun, 11 May 2014 23:36:56 -0700 (PDT) Received: by 10.216.116.136 with HTTP; Sun, 11 May 2014 23:36:56 -0700 (PDT) In-Reply-To: <20140512152327.A11699@sola.nimnet.asn.au> References: <1756.1399868907@server1.tristatelogic.com> <8fb4ad9509f5ec232873ade4f2f3128c.authenticated@ultimatedns.net> <20140512152327.A11699@sola.nimnet.asn.au> Date: Mon, 12 May 2014 14:36:56 +0800 Message-ID: Subject: Re: Where do the boot time messages go? From: Bill Yuan To: Ian Smith Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18 Cc: freebsd-ipfw , Chris H , "Ronald F. Guilmette" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2014 06:36:58 -0000 1.The userland command "ipfw" will print the result directly on the stdout. it is using printf() method. 2.The "firewall_logging" is for ipfw kernel module, and depends on the net.inet.ip.fw.verbose_limit and it will be logged in the syslog. On Mon, May 12, 2014 at 2:08 PM, Ian Smith wrote: > On Sun, 11 May 2014 21:44:26 -0700, Chris H wrote: > [Ronald F. Guilmette wrote:] > > > In my /etc/rc.conf file, I have the following (among other things): > > > > > > firewall_enable="YES" > > > firewall_type="/etc/fw.rules" > > > firewall_logging="YES" > > > > > > And of course, on my system, the /etc/fw.rules file is full of ipfw > > > "add" commands. > > > > > > During a normal boot of FreeBSD, I can see those add commands being > > > processed. They are shown, briefly, whizzing by, on the console. > > > > > > During a recent reboot, I also saw something at about the same time > > > that looked like it might possibly have been some sort of ipfw error > > > or warning message. > > > > > > I would like to investigate. > > Instead of "ipfw add", if you use "ipfw -q add" those rule listings will > not appear on the console. Any error messages - issued on stderr rather > than stdout - should still appear without all the others. While they > may still not get logged, you should be able to see them without all the > 'whizzing by' at that stage of post-boot processing, and scrolling back > the VT0 root console should reveal it/them. > > > > Unfortunately it appears that all of the console messages that are > > > being logged, during the time when ipfw is processing my local > firewall > > > rules file, are not in fact stored into either /var/log/messages nor > > > even into /var/log/security. (I know. I looked.) > > That's true .. fortunately, in general. > > > > So, um, where do these messages go, exactly? > > > I really would like to have a look at the ones from the last boot. > > Any ipfw command issued without -q writes any resultant rule to stdout. > > > While unlikely, have a look at /var/run/dmesg.boot. > > Worth a try. > > > I see you have: firewall_logging="YES" > > Isn't it possible to DEFINE the firewall LOG? :) > > In other words; you ask it to log, but don't tell it WHERE. :) > > Doing so should provide the answers you're looking for. > > In /etc/syslog.conf you should see: > security.* /var/log/security > > Nothing but ipfw writes to log facility security, on my systems anyway. > > > Best wishes. > > > > --Chris > > cheers, Ian > > [off topic] > BTW Chris, several days ago your system rejected two direct messages to > you as spam. This may be the only way I can let you know. Subtracting > 17 hours, this should appear in your mail logs around 02:47 Friday. > > Reporting-MTA: dns; sola.nimnet.asn.au > Received-From-MTA: DNS; localhost > Arrival-Date: Fri, 9 May 2014 19:47:26 +1000 (EST) > Final-Recipient: RFC822; bsd-lists@bsdforge.com > Action: failed > Status: 5.0.0 > Diagnostic-Code: SMTP; 550 5.0.0 SPAM and BULK mail REJECTED > Last-Attempt-Date: Fri, 9 May 2014 19:47:34 +1000 (EST) > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >