FW: Question about logging.
Peter Pentchev
roam at ringlet.net
Wed May 28 13:01:36 PDT 2003
On Wed, May 28, 2003 at 08:36:24PM +0200, Simon L. Nielsen wrote:
> On 2003.05.28 20:04:28 +0200, Erik Paulsen Sk?lerud wrote:
>
> > Yeah, I've gotten that far. But, how can I explicity -only- filter out ipfw
> > messages from the default console output? Looks like the only way is to
> > remove kern.debug :(
>
> I think you can use something like this in syslog.conf (untested) :
>
> !-ipfw
> *.err;kern.debug;auth.notice;mail.crit /dev/console
This would match log entries generated by a userland application named
'ipfw'. The ipfw log lines are, however, generated by the *kernel*, and
they would never match this rule.
> Or something along those lines...
Logging kern.security to a separate file should be enough, I think?
Never tried it, though.
> Try looking at syslog.conf(5), it does explain a lot.
Yep, that too :)
G'luck,
Peter
--
Peter Pentchev roam at ringlet.net roam at sbnd.net roam at FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
This would easier understand fewer had omitted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030528/25c330e9/attachment.bin
More information about the freebsd-security
mailing list