Date: Fri, 28 Jan 2005 21:29:16 +0000 From: Joe Kraft <hishadow@netcabo.pt> To: freebsd-questions@freebsd.org Subject: Re: Problems logging w/ IPF on FreeBSD 5.3-STABLE Message-ID: <ctear1$ud7$1@sea.gmane.org> In-Reply-To: <7cbadc870412010237464b55f5@mail.gmail.com> References: <41ABDAB6.5030906@comcast.net> <7cbadc870412010237464b55f5@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nelis Lamprecht wrote:
> On Mon, 29 Nov 2004 18:28:06 -0800, FMorales <altf2o@comcast.net> wrote:
>
>
>>bash-2.05b$ cat /etc/rc.conf | grep "ip"
>>ipfilter_enable="YES"
>>ipfilter_rules="/etc/ipf.rules"
>>ipmon_enable="YES"
>>ipmon_flags="-Ds"
>>
>
>
> change the above to read something along the lines of:
>
> ipmon_flags="-Dn /var/log/ipfilter.log"
>
> remove the "s" in other words and put in the path to your log file to
> output the data.
>
I have the same problem with my logs in 5.3, but I would like them to
run through syslogd because I would like them written to another machine
also. The same syslog.conf worked find on 4.10.
The following /etc/syslog.conf results in firewall logs going to
messages and security but not firewall.log and not remotely to kara.
local0.* /var/log/firewall.log
*.err;kern.debug;auth.notice;mail.crit /dev/console
*.notice;authpriv.none;kern.debug;local0.none;lpr.info;mail.crit;news.err
/var/log/messages
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
*.=debug /var/log/debug.log
*.emerg *
local0.* @kara
If I give the command 'logger -p local0.notice "where does this go" '
the log goes to the local and remote machines.
What am I missing? Did ipmon start forwarding to a different service?
Joe.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ctear1$ud7$1>