Date: Sat, 19 Feb 2000 21:35:27 -0600 (CST) From: Gene Harris <zeus@tetronsoftware.com> To: Ivan Fetch <ivanfetch@technologist.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Can ipfw log to somewhere else other than the console? Message-ID: <Pine.BSF.4.10.10002192132420.678-100000@tetron02.tetronsoftware.com> In-Reply-To: <Pine.BSF.4.10.10002192124200.678-100000@tetron02.tetronsoftware.com>
index | next in thread | previous in thread | raw e-mail
On Sat, 19 Feb 2000, Gene Harris wrote:
> On Sat, 19 Feb 2000, Ivan Fetch wrote:
>
> > Hello,
> >
> > On Sat, 19 Feb 2000, Gene Harris wrote:
> >
> > > syslog.conf is your friend.
> >
> > Yes.
> >
> > >ipfw logs through the
> > > kernel.info and higher.
> >
> > I added the following to /etc/syslog.conf prior to writing my previous
> > message, and restarted syslog:
> > *.* root
>
> Umm... Not quite right. The entry would log to a file
> named root in the current directory. Also, the file "root"
^^^^
Brain dysfunction here. Does not log to a file named "root"
but to the current terminal root is logged in on. One too
many cups of tea tonight. I should've pottied first and
then written the reply. ;-)
> must exist. Try modifying your inetd to
>
> *.* /var/log/messages
>
> And make sure to kill -HUP the syslog process to force it to
> reread the syslog.conf file.
>
> >
> > Logging in as root and entering:
> > ipfw add deny log logamount 100 all from ip_address to any
> >
> > Then, when generating trafic with that IP address - although the trafic
> > was denied - I got nothing on the terminal (although I got plenty of other
> > syslog stuff).
> >
> > Any ideas?
> >
> >
> > >you can also direct ipfw logging to
> > > a differenet file via syslog, with a line similar to the
> > > following in your syslog.conf file:
> > >
> > > !ipfw
> > > *.* /var/log/ipfw.log
> >
> > Would this log only ipfw related stuff or everything which comes through
> > syslog?
> >
>
> This will log only the ipfw relate stuff. Also, you need to
> enter the command touch /var/log/ipfw.log. Syslog will not
> write to a non-existent file. However, the ipfw stuff will
> also be logged to any kernel.info.
>
> >
> > Thank You,
> > Ivan.
> > >
> > > On Sat, 19 Feb 2000, Ivan Fetch wrote:
> > >
> > > > Hi,
> > > > I have looked through the ipfw manual page with out luck - I would like
> > > > to have packet logging written to somewhere other than the console and
> > > > this does not seem to be possible. FOr example's sake:
> > > > ipfw add 301 deny log all from badpeople.org to any
> > > >
> > > > I would like results of that rule to go into a file vs. the
> > > > console. Nothing seems to be sent to syslog at all - Is it possible to
> > > > change this behavior?
> > >
> > > Again, you need to look at your syslog.conf file.
> > > kernel.info and above is the logging facility/level that
> > > ipfw writes to.
> > >
> > > >
> > > > Thank YOu,
> > > > Ivan.
> > > >
>
> *==============================================*
> *Gene Harris http://www.tetronsoftware.com*
> * Home of TeamAccess version control for *
> * Microsoft Office 97 and 2000 *
> * FreeBSD 3.4-STABLE - The Power to Serve *
> * Redhat 6.1 Secure Web Server *
> *==============================================*
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
*==============================================*
*Gene Harris http://www.tetronsoftware.com*
* Home of TeamAccess version control for *
* Microsoft Office 97 and 2000 *
* FreeBSD 3.4-STABLE - The Power to Serve *
* Redhat 6.1 Secure Web Server *
*==============================================*
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10002192132420.678-100000>