Date: Tue, 20 Aug 2002 15:32:28 -0500 From: "Michael J. Turner" <mike@inethouston.net> To: <freebsd-questions@freebsd.org> Subject: IPMON Message-ID: <001901c24888$b4012040$0f04a8c0@desecrate>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0016_01C2485E.CA6F1B40 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi im trying to get ipmon to start logging. Im running 4.5-STABLE FreeBSD.=20 I have ipf in my kernel via options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging and i have it enabled via enable_ipmon=3D"YES" in syslog.conf i have Local0.* /var/log/ipf.log Local1.* /var/log/ipf.log security.* /var/log/ipf.log The file ipf.log does exisit in /var/log. I've tried killing syslogd and all sorts of stuff. Im even loging things such as AIM, port 80, and my denys, which should make a big log fast. Yet i havent seen a log yet. Any ideas? ------=_NextPart_000_0016_01C2485E.CA6F1B40 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2716.2200" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV> <DIV><FONT face=3DArial size=3D2>Hi im trying to get ipmon to start = logging. Im=20 running</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>4.5-STABLE FreeBSD. </FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>I have ipf in my kernel = via</FONT></DIV> <DIV><FONT face=3DArial=20 size=3D2>options =20 IPFILTER  = ; =20 #ipfilter = support<BR>options =20 IPFILTER_LOG #ipfilter=20 logging<BR></DIV></FONT> <DIV><FONT face=3DArial size=3D2>and i have it enabled via</FONT></DIV> <DIV><FONT face=3DArial size=3D2>enable_ipmon=3D"YES"</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>in syslog.conf i have</DIV></FONT> <DIV><FONT face=3DArial=20 size=3D2>Local0.* &n= bsp; &nb= sp; &nbs= p; =20 /var/log/ipf.log<BR>Local1.* &nb= sp; &nbs= p;  = ; =20 /var/log/ipf.log<BR>security.* &= nbsp; &n= bsp; &nb= sp; =20 /var/log/ipf.log<BR></FONT><FONT face=3DArial size=3D2></FONT></DIV> <DIV><FONT face=3DArial size=3D2>The file ipf.log does exisit in=20 /var/log.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>I've tried killing syslogd and all = sorts of=20 stuff.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>Im even loging things such as AIM, port = 80,</FONT></DIV> <DIV><FONT face=3DArial size=3D2>and my denys, which should make a big = log=20 fast.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>Yet i havent seen a log yet. Any=20 ideas?</FONT></DIV></DIV></BODY></HTML> ------=_NextPart_000_0016_01C2485E.CA6F1B40-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001901c24888$b4012040$0f04a8c0>