SOLVED: Re: syslog - ipmon(8) logs to a wrong log file?
Anton Shterenlikht
mexas at bristol.ac.uk
Sat Jan 16 16:41:40 UTC 2010
On Sat, Jan 16, 2010 at 04:23:37PM +0000, Anton Shterenlikht wrote:
> This is on FreeBSD 9.0-CURRENT ia64.
> I've ipfilter built into the kernel,
> with logging enabled:
>
> options IPFILTER
> options IPFILTER_DEFAULT_BLOCK
> options IPFILTER_LOG
>
> It works fine, but logs to a wrong file.
>
>
> I run ipmon with -Ds options:
>
> # ps ax|grep ipmon
> 740 ?? Ss 1:28.09 /sbin/ipmon -Ds
> #
>
> "D" is for deamon mode, and "s" is to log via syslog.
> According to ipmon(8):
>
> The default facility when compiled and installed is security.
>
> So I've in /etc/syslog.conf:
>
> security.* /var/log/ipfilter.log
>
> but I get all ipmon messages in /var/log/messages.
> According to my /etc/syslog.conf this file shouldn't
> have ipmon messages:
>
> *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
It seems that despite using option "s" facility is still local0.
So adding
local0.* /var/log/ipfilter.log
to /etc/syslog.conf
puts all ipmon logs to /var/log/ipfilter.log
--
Anton Shterenlikht
Room 2.6, Queen's Building
Mech Eng Dept
Bristol University
University Walk, Bristol BS8 1TR, UK
Tel: +44 (0)117 331 5944
Fax: +44 (0)117 929 4423
More information about the freebsd-questions
mailing list