Date: Sun, 30 Oct 2005 09:22:39 -0600 From: Eric F Crist <ecrist@secure-computing.net> To: Daniel Molina Wegener <dmw@unete.cl> Cc: FreeBSD Questions <questions@freebsd.org> Subject: Re: firewall messages to syslogd Message-ID: <0B8C1785-53FF-4B2E-946B-CAF2B35E1172@secure-computing.net> In-Reply-To: <20051030033240.GA12647@dmw.hopto.org> References: <20051030033240.GA12647@dmw.hopto.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Oct 29, 2005, at 10:32 PM, Daniel Molina Wegener wrote: > > Hello, > > How can I add firewall log messages to syslogd, I have > added the following lines to the syslog.conf: > > # router > +router > *.* /var/log/router.log > > Also, syslogd is running with the flag -a with the ip > address of the firewall -- the mask, and service. > > The computer receive the packets to the 514 port -- > I've used tcpdump to log the packets -- but the messages > are not logged into the router.log file. Try the following in your /etc/syslog.conf file, assuming you're using ipfw as your firewall: #ipfw logging !ipfw *.* /var/log/router.log Now, perform the following command, assuming your running FreeBSD 5.x+: # touch /var/log/router.log && chmod 0600 /var/log/router.log && /etc/ rc.d/syslogd restart Let me know what happens.... ----- Eric F Crist Secure Computing Networks http://www.secure-computing.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0B8C1785-53FF-4B2E-946B-CAF2B35E1172>