From owner-freebsd-questions Sat Feb 19 19:29: 9 2000 Delivered-To: freebsd-questions@freebsd.org Received: from tetron02.tetronsoftware.com (ftp.tetronsoftware.com [208.236.46.106]) by hub.freebsd.org (Postfix) with ESMTP id BC42C37BE10 for ; Sat, 19 Feb 2000 19:29:05 -0800 (PST) (envelope-from zeus@tetronsoftware.com) Received: from tetron02.tetronsoftware.com (tetron02.tetronsoftware.com [208.236.46.106]) by tetron02.tetronsoftware.com (8.9.3/8.9.3) with ESMTP id VAA10698; Sat, 19 Feb 2000 21:29:22 -0600 (CST) (envelope-from zeus@tetronsoftware.com) Date: Sat, 19 Feb 2000 21:29:22 -0600 (CST) From: Gene Harris To: Ivan Fetch Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Can ipfw log to somewhere else other than the console? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 19 Feb 2000, Ivan Fetch wrote: > Hello, > > On Sat, 19 Feb 2000, Gene Harris wrote: > > > syslog.conf is your friend. > > Yes. > > >ipfw logs through the > > kernel.info and higher. > > I added the following to /etc/syslog.conf prior to writing my previous > message, and restarted syslog: > *.* root Umm... Not quite right. The entry would log to a file named root in the current directory. Also, the file "root" must exist. Try modifying your inetd to *.* /var/log/messages And make sure to kill -HUP the syslog process to force it to reread the syslog.conf file. > > Logging in as root and entering: > ipfw add deny log logamount 100 all from ip_address to any > > Then, when generating trafic with that IP address - although the trafic > was denied - I got nothing on the terminal (although I got plenty of other > syslog stuff). > > Any ideas? > > > >you can also direct ipfw logging to > > a differenet file via syslog, with a line similar to the > > following in your syslog.conf file: > > > > !ipfw > > *.* /var/log/ipfw.log > > Would this log only ipfw related stuff or everything which comes through > syslog? > This will log only the ipfw relate stuff. Also, you need to enter the command touch /var/log/ipfw.log. Syslog will not write to a non-existent file. However, the ipfw stuff will also be logged to any kernel.info. > > Thank You, > Ivan. > > > > On Sat, 19 Feb 2000, Ivan Fetch wrote: > > > > > Hi, > > > I have looked through the ipfw manual page with out luck - I would like > > > to have packet logging written to somewhere other than the console and > > > this does not seem to be possible. FOr example's sake: > > > ipfw add 301 deny log all from badpeople.org to any > > > > > > I would like results of that rule to go into a file vs. the > > > console. Nothing seems to be sent to syslog at all - Is it possible to > > > change this behavior? > > > > Again, you need to look at your syslog.conf file. > > kernel.info and above is the logging facility/level that > > ipfw writes to. > > > > > > > > Thank YOu, > > > Ivan. > > > *==============================================* *Gene Harris http://www.tetronsoftware.com* * Home of TeamAccess version control for * * Microsoft Office 97 and 2000 * * FreeBSD 3.4-STABLE - The Power to Serve * * Redhat 6.1 Secure Web Server * *==============================================* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message