firewall messages to syslogd

Eric F Crist ecrist at
Sun Oct 30 07:23:01 PST 2005

On Oct 29, 2005, at 10:32 PM, Daniel Molina Wegener wrote:

> Hello,
>    How can I add firewall log messages to syslogd, I have
> added the following lines to the syslog.conf:
> # router
> +router
> *.*                     /var/log/router.log
>    Also, syslogd is running with the flag -a with the ip
> address of the firewall -- the mask, and service.
>    The computer receive the packets to the 514 port --
> I've used tcpdump to log the packets -- but the messages
> are not logged into the router.log file.

Try the following in your /etc/syslog.conf file, assuming you're  
using ipfw as your firewall:

#ipfw logging
*.*        /var/log/router.log

Now, perform the following command, assuming your running FreeBSD 5.x+:

# touch /var/log/router.log && chmod 0600 /var/log/router.log && /etc/ 
rc.d/syslogd restart

Let me know what happens....

Eric F Crist
Secure Computing Networks

More information about the freebsd-questions mailing list