Problem with logging on message log file instead of security
Bastien Semene
bsemene at cyanide-studio.com
Mon Jun 21 14:58:20 UTC 2010
Update :
The problem seems to be from ipmon.
I sent messages with the logger tool and it correctly redirected them to
the /var/log/security log file, for the
security.{info;notice;warning;err} messages.
Le 21/06/2010 15:48, Bastien Semene a écrit :
> Hi,
>
> First, the problem concerns ipmon, but I didn't find its mailing list
> on the website listing : http://lists.freebsd.org/mailman/listinfo
> I'm sorry if I missed it, and I will be glad if someone can point me
> the right mailing list.
>
> The problem is that my firewall logs are written in the
> /var/log/messages instead of the /var/log/security log file.
> Ipmon manual says that by default messages should be sent to the
> security facility.
>
> /etc/rc.conf :
> ipfilter_enable="YES"
> ipfilter_rules="/etc/ipf.rules"
> ipmon_enable="YES"
> ipmon_flags="-Ds"
> ipnat_enable="YES"
> ipnat_rules="/etc/ipnat.rules"
> syslogd_flags = "-s -b localhost"
>
> /etc/syslog.conf :
> *.err;kern.warning;auth.notice;mail.crit /dev/console
> *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
> /var/log/messages
> security.* /var/log/security
> auth.info;authpriv.info /var/log/auth.log
> mail.info /var/log/maillog
> lpr.info /var/log/lpd-errs
> ftp.info /var/log/xferlog
> cron.* /var/log/cron
> user.* /var/log/user.log
> *.=debug /var/log/debug.log
> *.emerg *
> !startslip
> *.* /var/log/slip.log
> !ppp
> *.* /var/log/ppp.log
>
> Does someone encountered this problem before ?
>
--
Bastien Semene
Administrateur Réseau& Système
Cyanide Studio - FRANCE
More information about the freebsd-pf
mailing list