FW: Question about logging.
Simon L. Nielsen
simon at nitro.dk
Wed May 28 13:14:21 PDT 2003
On 2003.05.28 23:04:32 +0300, Peter Pentchev wrote:
> On Wed, May 28, 2003 at 08:36:24PM +0200, Simon L. Nielsen wrote:
> > On 2003.05.28 20:04:28 +0200, Erik Paulsen Sk?lerud wrote:
> >
> > > Yeah, I've gotten that far. But, how can I explicity -only- filter out ipfw
> > > messages from the default console output? Looks like the only way is to
> > > remove kern.debug :(
> >
> > I think you can use something like this in syslog.conf (untested) :
> >
> > !-ipfw
> > *.err;kern.debug;auth.notice;mail.crit /dev/console
>
> This would match log entries generated by a userland application named
> 'ipfw'. The ipfw log lines are, however, generated by the *kernel*, and
> they would never match this rule.
Ehh, I have the following in my syslog.conf, and it works just fine :
!ipfw
*.* /var/log/ipfw.log
I only get lines like :
May 20 02:16:28 arthur /kernel: ipfw: 65300 Deny UDP 192.168.3.2:53 192.168.2.3:49239 in via xl0
in var/log/ipfw.log
I guess it shouldn't work, but it does :-)
--
Simon L. Nielsen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030528/01929d2c/attachment.bin
More information about the freebsd-security
mailing list