Date: Tue, 1 Oct 2002 22:02:21 -0000 From: "Dean E. Weimer" <dweimer@dweimer.org> To: <freebsd-questions@FreeBSD.ORG> Subject: ipmon syslogd problems Message-ID: <200210012202.g91M2L90017541@dweimer.org>
next in thread | raw e-mail | index | archive | help
I have ipfilter set up and running fine, but I have been finding that my security logs show up in both my security and messages log files. ipmon is running with the command "ipmon -oI -s -D" and my syslog.conf file has the following relevant configuration. .. local0.* /var/log/security security.* /var/log/security *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages .. I am only logging blocked and short packets, which according to "man ipmon" should do the following. .. -s Packet information read in will be sent through syslogd rather than saved to a file. The default facility when compiled and installed is local0. The following levels are used: LOG_INFO - packets logged using the "log" keyword as the action rather than pass or block. LOG_NOTICE - packets logged which are also passed LOG_WARNING - packets logged which are also blocked LOG_ERR - packets which have been logged and which can be considered "short". .. There is nothing in my syslog.conf that is pointing *.warning or *.err to messages. Does anyone have any ideas as to why this is happening?? Please Copy me with any replies. -- Thanks, Dean E. Weimer dweimer@dweimer.org http://www.dweimer.org/ ________________________________________________________________ This message was sent from dweimer.org using TWIG - The Web Information Gateway. - For more information visit http://www.dweimer.org/ - To Report Abuse Contact dweimer@dweimer.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210012202.g91M2L90017541>