From owner-freebsd-security Thu Jun 14 15:27:44 2001 Delivered-To: freebsd-security@freebsd.org Received: from nsmail.corp.globalstar.com (gibraltar.globalstar.com [207.88.248.142]) by hub.freebsd.org (Postfix) with ESMTP id BDFB037B407 for ; Thu, 14 Jun 2001 15:27:36 -0700 (PDT) (envelope-from crist.clark@globalstar.com) Received: from globalstar.com ([207.88.153.184]) by nsmail.corp.globalstar.com (Netscape Messaging Server 4.15) with ESMTP id GEXYDB00.177; Thu, 14 Jun 2001 15:27:11 -0700 Message-ID: <3B293A57.1442E4CD@globalstar.com> Date: Thu, 14 Jun 2001 15:27:35 -0700 From: "Crist Clark" Organization: Globalstar LP X-Mailer: Mozilla 4.77 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: "Fernando P . Schapachnik" Cc: anindya , freebsd-security@FreeBSD.ORG Subject: Re: remote syslog question References: <20010614161245.D56348-100000@phat.bastard.net> <3B292302.53CB3461@globalstar.com> <20010614190924.A2857@ns1.via-net-works.net.ar> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Fernando P . Schapachnik" wrote: > = > En un mensaje anterior, Crist Clark escribi=F3: > > anindya wrote: > > > > > > Fernando P . Schapachnik provided me the answer in email: simply > > > swap the order of the lines in syslog.conf. Apparently syslogd > > > matches does specific match first, then processes the rules > > > top-to-bottom. I knew it had to be something simple ;) > > > > Huh? This sounds like a bug to me. I don't see how order of lines can= > > (or should) matter within a block. OTOH, the documentation may be lac= king > > here. > = > It is *some how* documented in syslog.conf(5). See the paragraph > about comparison flags and the meaning of `*'. Hmmm. Not that I see. The paragraph on comparison flags, The comparison flags may be used to specify exactly what is logged. = The default set of comparison flags are ``=3D>'' (or, if you prefer, ``>= =3D''), which means that messages from the specified facility list of a prio= rity level equal or greater than level will be logged. Nothing there has to do with lines within a block interacting in any way. Comparison flags just impact the levels logged in a given "selector." As for the meaning of, '*', An asterisk (``*'') can be used to specify all facilities all levels= or all programs. Nothing about lines interacting. I guess I must not be looking at the same parts or missing something in these? -- = Crist J. Clark Network Security Engineer crist.clark@globalstar.com Globalstar, L.P. (408) 933-4387 FAX: (408) 933-4926 The information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmaster@globalstar.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message