From owner-freebsd-net Thu Aug 6 14:30:59 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA09971 for freebsd-net-outgoing; Thu, 6 Aug 1998 14:30:59 -0700 (PDT) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from shell6.ba.best.com (shell6.ba.best.com [206.184.139.137]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA09767 for ; Thu, 6 Aug 1998 14:30:07 -0700 (PDT) (envelope-from jkb@best.com) Received: from localhost (jkb@localhost) by shell6.ba.best.com (8.9.0/8.9.0/best.sh) with SMTP id OAA17979; Thu, 6 Aug 1998 14:29:47 -0700 (PDT) X-Authentication-Warning: shell6.ba.best.com: jkb owned process doing -bs Date: Thu, 6 Aug 1998 14:29:47 -0700 (PDT) From: "Jan B. Koum " X-Sender: jkb@shell6.ba.best.com To: Dag-Erling Coidan =?iso-8859-1?Q?Sm=F8rgrav?= cc: net@FreeBSD.ORG Subject: Re: ipfw logging In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by hub.freebsd.org id OAA09798 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Here is an old eMail. I don't think this patch was applied to syslogd.c though. Date: Wed, 25 Mar 1998 11:54:57 -0800 (PST) From: Archie Cobbs To: Studded Cc: isp@freebsd.org Subject: Re: ipfw logging... Studded writes: > Archie Cobbs wrote: > > Try adding this to /etc/syslog.conf: > > > > !ipfw > > *.* /var/log/ipfw > > This doesn't work. IPFW logs to the kernel facility, although I > wouldn't mind seeing an option to change that. :) Yeah.. we do this on the InterJet and I forgot it was a custom hack. Try the following patch to syslogd.c and see if that helps. If so, I'll file the patch in a send-pr bug. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com *** syslogd.c Mon Mar 9 05:56:07 1998 --- /usr/prod/ia/whistle/bin/syslogd/syslogd.c Wed Nov 26 15:37:39 1997 *************** *** 537,544 **** int c, pri, flags; char *lp, *p, *q, line[MAXLINE + 1]; ! (void)strcpy(line, bootfile); ! (void)strcat(line, ": "); lp = line + strlen(line); for (p = msg; *p != '\0'; ) { flags = SYNC_FILE | ADDDATE; /* fsync file after write */ --- 464,477 ---- int c, pri, flags; char *lp, *p, *q, line[MAXLINE + 1]; ! /* See if kernel has provided a "program" prefix already */ ! for (p = msg; *p && isalnum(*p); p++); ! if (*p == ':' && (p - msg) < MAXLINE) { ! *line = 0; /* Use kernel's prefix */ ! } else { ! (void)strcpy(line, bootfile); /* Prefix with bootfile name */ ! (void)strcat(line, ": "); ! } lp = line + strlen(line); for (p = msg; *p != '\0'; ) { flags = SYNC_FILE | ADDDATE; /* fsync file after write */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message On 6 Aug 1998, Dag-Erling Coidan [iso-8859-1] Smørgrav wrote: >Which syslog facility does the firewall code use? To be more precise, >what pattern should I use in /etc/syslog.conf to divert all ipfw log >messages to a separate file? > >DES >-- >Dag-Erling Smørgrav - dag-erli@ifi.uio.no > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message