Where do the boot time messages go?

Ian Smith smithi at nimnet.asn.au
Tue May 13 05:18:36 UTC 2014


On Mon, 12 May 2014 13:41:12 -0700, Ronald F. Guilmette wrote:
 > In message <20140512152327.A11699 at sola.nimnet.asn.au>, 
 > Ian Smith <smithi at nimnet.asn.au> wrote:
 > 
 > >... and scrolling back 
 > >the VT0 root console should reveal it/them.
 > 
 > Thank you!
 > 
 > I'm a bit ashamed to admit it, but I never even knew about this console
 > feature until today.  It has already proved quite helpful to me in another
 > context, and I will most certainly be using it soon to try to see if in
 > fact I'm getting any boot-time errors from my ipfw setup.
 > 
 > > > While unlikely, have a look at /var/run/dmesg.boot.
 > >
 > >Worth a try.
 > 
 > Nope.  The boot-time ipfw messages are not in there either.

No, they're not saved anywhere.  If there was indeed an error message 
from ipfw then I thought it might have gone there, but I'm not sure.

 > >security.*					/var/log/security
 > 
 > Yes, quite.  I do have that.
 > 
 > But as I mentioned earlier, the boot-time messages relating to ipfw
 > startup don't seem to be present within the /var/log/security file,
 > and as someone else has mentioned, there's no reason that they should
 > be.  When my rules file is being processed, ipfw is most likely
 > (verbosely) showing each of those in turn, but just to either stdout
 > or stderr... and not syslogging them.

Yes; they do go to stdout (unless using -q) but that has nothing to do 
with verbose logging being set - as Bill pointed out, that's only to do 
with kernel mode syslogging of matching rules having the 'log' keyword.

root@x200:~ # kldload ipfw && ipfw add 64000 allow ip from any to any
64000 allow ip from any to any
root@x200:~ # ipfw add 65000 allow ip from any to any > test
root@x200:~ # cat test
65000 allow ip from any to any

And ipfw error messages do go to stderr, as is customary:
root@x200:~ # ipfw add 65001 invalid >test
ipfw: invalid action invalid
root@x200:~ # cat test && rm test && kldunload ipfw
root@x200:~ #

Of course you don't have to wait to reboot to run your rules file again; 
as long as it begins with an 'ipfw -q flush' to clear existing rules, as 
it ought, just run '# sh /pathto/yourrulesfile' .. and you can redirect 
that output to a file if you want, though 'ipfw show' is usually more 
useful.  As ever, the best advice is ipfw(8)

cheers, Ian
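
The re-run described in the message above, as an added example that is not part of the original post: it runs a rules file with sh, keeps the rule echoes (stdout) and the ipfw error messages (stderr) in separate files, and reports failure whenever anything reached stderr. The function name load_rules, the SYSLOG_ERRORS switch and the ipfw-rules tag are assumptions of this example; forwarding with logger relies on a syslog.conf line such as the security.* one quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the original post).
#
# load_rules RULESFILE OUTLOG ERRLOG
#
# Runs RULESFILE with sh, as suggested in the message. ipfw echoes each
# added rule on stdout (unless -q is used) and writes its error messages
# to stderr, and neither stream is syslogged, so both are captured here.
#
# A rules file normally keeps going after a failed 'ipfw add', so the exit
# status of sh alone can hide a rejected rule. The function therefore
# returns 1 whenever ERRLOG is non-empty, and otherwise the status of sh.
#
# If SYSLOG_ERRORS is set (hypothetical switch for this example), the
# captured errors are also sent to syslog at security.err, which a
# 'security.*  /var/log/security' line in syslog.conf would record.
load_rules() {
    rules=$1
    outlog=$2
    errlog=$3
    status=0

    sh "$rules" >"$outlog" 2>"$errlog" || status=$?

    if [ -s "$errlog" ]; then
        if [ -n "${SYSLOG_ERRORS:-}" ]; then
            # -f reads the messages from the file, one entry per line
            logger -t ipfw-rules -p security.err -f "$errlog"
        fi
        return 1
    fi
    return "$status"
}

# Usage (paths are placeholders):
#   load_rules /pathto/yourrulesfile /var/tmp/ipfw.out /var/tmp/ipfw.err \
#       || cat /var/tmp/ipfw.err
```

As in the message, the rules file is expected to begin with 'ipfw -q flush', and 'ipfw show' remains the way to inspect what actually ended up loaded.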


More information about the freebsd-ipfw mailing list