From owner-freebsd-questions Sat Feb 19 19:35:15 2000 Delivered-To: freebsd-questions@freebsd.org Received: from tetron02.tetronsoftware.com (ftp.tetronsoftware.com [208.236.46.106]) by hub.freebsd.org (Postfix) with ESMTP id DE19A37BDC6 for ; Sat, 19 Feb 2000 19:35:10 -0800 (PST) (envelope-from zeus@tetronsoftware.com) Received: from tetron02.tetronsoftware.com (tetron02.tetronsoftware.com [208.236.46.106]) by tetron02.tetronsoftware.com (8.9.3/8.9.3) with ESMTP id VAA10717; Sat, 19 Feb 2000 21:35:27 -0600 (CST) (envelope-from zeus@tetronsoftware.com) Date: Sat, 19 Feb 2000 21:35:27 -0600 (CST) From: Gene Harris To: Ivan Fetch Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Can ipfw log to somewhere else other than the console? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 19 Feb 2000, Gene Harris wrote: > On Sat, 19 Feb 2000, Ivan Fetch wrote: > > > Hello, > > > > On Sat, 19 Feb 2000, Gene Harris wrote: > > > > > syslog.conf is your friend. > > > > Yes. > > > > >ipfw logs through the > > > kernel.info and higher. > > > > I added the following to /etc/syslog.conf prior to writing my previous > > message, and restarted syslog: > > *.* root > > Umm... Not quite right. The entry would log to a file > named root in the current directory. Also, the file "root" ^^^^ Brain dysfunction here. Does not log to a file named "root" but to the current terminal root is logged in on. One too many cups of tea tonight. I should've pottied first and then written the reply. ;-) > must exist. Try modifying your inetd to > > *.* /var/log/messages > > And make sure to kill -HUP the syslog process to force it to > reread the syslog.conf file. > > > > > Logging in as root and entering: > > ipfw add deny log logamount 100 all from ip_address to any > > > > Then, when generating trafic with that IP address - although the trafic > > was denied - I got nothing on the terminal (although I got plenty of other > > syslog stuff). > > > > Any ideas? > > > > > > >you can also direct ipfw logging to > > > a differenet file via syslog, with a line similar to the > > > following in your syslog.conf file: > > > > > > !ipfw > > > *.* /var/log/ipfw.log > > > > Would this log only ipfw related stuff or everything which comes through > > syslog? > > > > This will log only the ipfw relate stuff. Also, you need to > enter the command touch /var/log/ipfw.log. Syslog will not > write to a non-existent file. However, the ipfw stuff will > also be logged to any kernel.info. > > > > > Thank You, > > Ivan. > > > > > > On Sat, 19 Feb 2000, Ivan Fetch wrote: > > > > > > > Hi, > > > > I have looked through the ipfw manual page with out luck - I would like > > > > to have packet logging written to somewhere other than the console and > > > > this does not seem to be possible. FOr example's sake: > > > > ipfw add 301 deny log all from badpeople.org to any > > > > > > > > I would like results of that rule to go into a file vs. the > > > > console. Nothing seems to be sent to syslog at all - Is it possible to > > > > change this behavior? > > > > > > Again, you need to look at your syslog.conf file. > > > kernel.info and above is the logging facility/level that > > > ipfw writes to. > > > > > > > > > > > Thank YOu, > > > > Ivan. > > > > > > *==============================================* > *Gene Harris http://www.tetronsoftware.com* > * Home of TeamAccess version control for * > * Microsoft Office 97 and 2000 * > * FreeBSD 3.4-STABLE - The Power to Serve * > * Redhat 6.1 Secure Web Server * > *==============================================* > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > *==============================================* *Gene Harris http://www.tetronsoftware.com* * Home of TeamAccess version control for * * Microsoft Office 97 and 2000 * * FreeBSD 3.4-STABLE - The Power to Serve * * Redhat 6.1 Secure Web Server * *==============================================* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message