ipfilter and logging...

Per Berger freebsd at stortsett.se
Sat May 14 07:25:41 PDT 2005


On Lö, 2005-05-14, 15:00, fbsd_user skrev:
>
> add  security.none  to the line for /var/log/messages file to stop
> ipfilter from logging to that file.
>
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Per Berger
> Sent: Saturday, May 14, 2005 8:28 AM
> To: FreeBSD questions
> Subject: ipfilter and logging...
>
>
> Hi!
>
> So I've installed ipfilter and ipnat with help from the handbook. It
> works great so now my box is connected to my ADSL connection.
>
> But... (there is always a but...)
>
> I am confused regarding logging. The handbook says that I can add
> "security.*" in syslog.conf and specify a logfile to log the
> firewall.
> But there is already an entry in syslog.conf "security.*" from
> install (
> I am running 5.4-RELEASE upgraded from 5.3 via cvsup (which worked
> great
> btw...)) pointing at /var/log/security. And all logging goes to
> /var/log/security. But at least some of it goes also to
> /var/log/messages; seems to be the "final" rules that goes there,
> i.e.
> such as "block in log first quick on fxp0 all".
>
> My syslog.conf looks like this:
>
> "
> ...
> *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
> /var/log/messages
> security.*                                      /var/log/security
> ...
> "
>
> (sorry for truncation, hope you get the picture...)
>
> Now for my question. I do really want a separate log file for
> ipfilter.
> How would a change syslog.conf to separate out the ipfilter logs
> from
> the rest without breaking any other logging? Or, at least, how do I
> change the line for /var/log/messages so that no ipfilter stuff goes
> there without breaking something else?
>
> Sorry if this is obvious stuff but I've searched for the answer but
> is
> only getting more confused the more I search...
>
>
> --
> Per Berger
>
> _
>                                                ASCII ribbon campaign
> ( )
>                                           - against HTML, vCards and
> X
>                                  - proprietary attachments in e-mail
> / \
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
>

Thanks! That did it!

/Per

-- 




More information about the freebsd-questions mailing list