/var/log/messages question
Kevin D. Kinsey, DaleCo, S.P.
kdk at daleco.biz
Tue Mar 16 12:25:19 PST 2004
Darryl Hoar wrote:
>Greetings,
>I have a 4.4-stable box configured as my firewall
>running IPFilter and doing nat and routing to
>the internet.
>
>I keep getting:
>
>Mar 16 13:10:09 darryl /kernel: arplookup 10.2.2.2 failed: host is not on
>local network
>
>in my /var/log/messages file. It is coming from my DSL facing interface. I
>used ethereal
>to capture packets and determine the MAC address. Turns out to be a "vendor
>testpoint"
>on some OSI gear the ISP is using. They cannot correct this problem.
>
>ARP comes way before IPFilter, therefore I do not believe it can be
>filtered.
>
>Is there anything I can do to prevent these warnings/errors from clogging up
>my
>log files ?
>
>thanks,
>Darryl
>
>
>
I think you could change /etc/syslog.conf
and -HUP the syslog daemon.
However, I can't tell you what level
of message that is; and therefore can't
tell you exactly what to change in that
file. I imagine that its "kern.debug" ...
but I'm not sure. Not to mention, losing
"kern.debug" might take away something
you'll need next time you have a problem.
I guess you could experiment, if you're
not too afraid of losing other log messages;
or you could script something to strip that
line and run it via cron....
Kevin Kinsey
DaleCo, S.P.
More information about the freebsd-questions
mailing list