Date: Sat, 19 Feb 2000 21:29:22 -0600 (CST) From: Gene Harris <zeus@tetronsoftware.com> To: Ivan Fetch <ivanfetch@technologist.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Can ipfw log to somewhere else other than the console? Message-ID: <Pine.BSF.4.10.10002192124200.678-100000@tetron02.tetronsoftware.com> In-Reply-To: <Pine.LNX.4.20.0002191243390.1175-100000@ibis.ivanfetch.tzo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Feb 2000, Ivan Fetch wrote: > Hello, > > On Sat, 19 Feb 2000, Gene Harris wrote: > > > syslog.conf is your friend. > > Yes. > > >ipfw logs through the > > kernel.info and higher. > > I added the following to /etc/syslog.conf prior to writing my previous > message, and restarted syslog: > *.* root Umm... Not quite right. The entry would log to a file named root in the current directory. Also, the file "root" must exist. Try modifying your inetd to *.* /var/log/messages And make sure to kill -HUP the syslog process to force it to reread the syslog.conf file. > > Logging in as root and entering: > ipfw add deny log logamount 100 all from ip_address to any > > Then, when generating trafic with that IP address - although the trafic > was denied - I got nothing on the terminal (although I got plenty of other > syslog stuff). > > Any ideas? > > > >you can also direct ipfw logging to > > a differenet file via syslog, with a line similar to the > > following in your syslog.conf file: > > > > !ipfw > > *.* /var/log/ipfw.log > > Would this log only ipfw related stuff or everything which comes through > syslog? > This will log only the ipfw relate stuff. Also, you need to enter the command touch /var/log/ipfw.log. Syslog will not write to a non-existent file. However, the ipfw stuff will also be logged to any kernel.info. > > Thank You, > Ivan. > > > > On Sat, 19 Feb 2000, Ivan Fetch wrote: > > > > > Hi, > > > I have looked through the ipfw manual page with out luck - I would like > > > to have packet logging written to somewhere other than the console and > > > this does not seem to be possible. FOr example's sake: > > > ipfw add 301 deny log all from badpeople.org to any > > > > > > I would like results of that rule to go into a file vs. the > > > console. Nothing seems to be sent to syslog at all - Is it possible to > > > change this behavior? > > > > Again, you need to look at your syslog.conf file. > > kernel.info and above is the logging facility/level that > > ipfw writes to. > > > > > > > > Thank YOu, > > > Ivan. > > > *==============================================* *Gene Harris http://www.tetronsoftware.com* * Home of TeamAccess version control for * * Microsoft Office 97 and 2000 * * FreeBSD 3.4-STABLE - The Power to Serve * * Redhat 6.1 Secure Web Server * *==============================================* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10002192124200.678-100000>