ipmon writes to security.* in 5.3
hishadow at netcabo.pt
Sun Jan 30 07:18:28 PST 2005
Joe Kraft wrote:
> I have a 5.3-STABLE machine with ipfilter built into the kernel. When
> running ipmon logging to syslog, the information is being dumped to the
> security.* service instead of the local0.* service like the handbook
> says it should.
OK I'm feeling a stupid, only a little though...because the info in the
handbook doesn't match the reality (given in the manpage) WRT the
"facility" name used by ipmon.
24.5.7 IPMON Logging
Syslogd uses its own special method for segregation of log data. It uses
special groupings called ``facility'' and ``level''. IPMON in -Ds mode
uses local0 as the ``facility'' name. All IPMON logged data goes to
local0. The following levels can be used to further segregate the logged
data if desired:
The ipmon(8) manpage says:
-s Packet information read in will be sent through syslogd rather
than saved to a file. The default facility when compiled and
installed is security. The following levels are used:
So now I have two more questions.
First, what is the best way to go about getting this fixed so noone else
makes the same mistake I did? A simple post somewhere explaining what's
incorrect, or do I need to create a diff and upload it somewhere?
Second, what else uses the security syslog facility? Is my security log
going to have other things than just my firewall logs that I will now
have to go digging for?
More information about the freebsd-questions