Date: Thu, 08 Dec 2005 12:12:21 +0200 From: Toomas Aas <toomas.aas@raad.tartu.ee> To: questions@freebsd.org Subject: ipmon syslog facility in FreeBSD 6.0 Message-ID: <43980705.5090205@raad.tartu.ee>
next in thread | raw e-mail | index | archive | help
Hello! What syslog facility is ipmon using on FreeBSD 6.0? From the documentation I don't see that anything is supposed to be changed from 5.4, where it was 'security'. So on my freshly-installed FreeBSD 6.0 I made modifications to /etc/syslog.conf similar to those that work on 5.4. Basically I added this as the first uncommented line to /etc/syslog.conf security.* /var/log/ipfilter However, nothing is logged to /var/log/ipfilter. I'm using the default value for ipmon_flags in /etc/rc.conf and ps output shows that '/sbin/ipmon -Ds' is running. At the same time, ipfstat -ih shows increasing number of hits on rules which have 'log' keyword in them. The logfile /var/log/ipfilter exists and is mode 0600, owner root:wheel. When I enable all.log in syslog.conf, ipmon messages are logged to all.log. So it seems like I'm not using the correct facility for /var/log/ipfilter. How can I find out what the correct facility is? I tried reading the source, but it's beyond my comprehension (except contrib/ipfilter/Makefile, which seems to imply that it's still 'security').
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43980705.5090205>