ipmon logging
Danny Pansters
danny at ricin.com
Fri Apr 1 12:32:50 PST 2005
On Friday 01 April 2005 20:50, as2sb3100 at comcast.net wrote:
> According to every website I've read so far ipmon uses local0 as the
> facility name. However, on my FreeBSD 5.3-RELEASE-p5 box, it logs to the
> security facility. The man page (in both 5.2.1 and 5.3) for ipmon, with -s
> for logging to syslog says, "The default facility when compiled and
> installed is security". Can anyone explain this? I'd like ipmon to log to
> a separate file so it doesn't fill up the security log. I've tried having
> ipmon log directly to a file, and not using syslog, but it stops logging
> when newsyslog rotates the file. Does anyone have any suggestions on what
> I could or should do?
From /etc/defaults/rc.conf:
ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog"
So use ipmon_flags="-D /var/log/ipmon" or so in your /etc/rc.conf. It's
sensible to have a seperate ipf logfile.
HTH,
Dan
More information about the freebsd-questions
mailing list