From owner-freebsd-ipfw@FreeBSD.ORG  Thu May 23 11:50:01 2013
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 5489AD78
 for <freebsd-ipfw@smarthost.ysv.freebsd.org>;
 Thu, 23 May 2013 11:50:01 +0000 (UTC)
 (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 by mx1.freebsd.org (Postfix) with ESMTP id 4680A9A8
 for <freebsd-ipfw@smarthost.ysv.freebsd.org>;
 Thu, 23 May 2013 11:50:01 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r4NBo1BP084684
 for <freebsd-ipfw@freefall.freebsd.org>; Thu, 23 May 2013 11:50:01 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r4NBo0wJ084672;
 Thu, 23 May 2013 11:50:00 GMT (envelope-from gnats)
Date: Thu, 23 May 2013 11:50:00 GMT
Message-Id: <201305231150.r4NBo0wJ084672@freefall.freebsd.org>
To: freebsd-ipfw@FreeBSD.org
Cc: 
From: Ian Smith <smithi@nimnet.asn.au>
Subject: Re: kern/178482: [ipfw] logging problem from vnet jail
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: Ian Smith <smithi@nimnet.asn.au>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 23 May 2013 11:50:01 -0000

The following reply was made to PR kern/178482; it has been noted by GNATS.

From: Ian Smith <smithi@nimnet.asn.au>
To: Joe <fbsd8@a1poweruser.com>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/178482: [ipfw] logging problem from vnet jail
Date: Thu, 23 May 2013 21:45:24 +1000 (EST)

  > You have the incorrect conclusion. Let me reword what was stated in the
  > original pr to give a clearer picture of the pr. IPFW log messages coming
  > from a IPFW process running inside of a jail(8) vnet jail are being written
  > to the hosts /etc/log/security file and not to the vnet jail's
  > /etc/log/security file.
 
 Exactly so; if rewording what I said assists comprehension, fine.
 
  > If the host is also running ipfw, it's logging
  > messages are intermingled with those coming from the vnet jail ipfw process.
  > And yes Anders Hagman did confirm this per the link you provided.
 
 Again, exactly so.  Anders used different rule numbers on host and jail
 which made following the log easier, but your example log is followable.
 
  > > Since you set verbose_limit=0, you shouldn't expect to see anything from
  > > ipfw in /var/log/messages, on either host or jail.
  > 
  > I don't know how you can to that conclusion. verbose_limit is not mentioned
  > in this pr. You are incorrect. verbose_limit is not set for this pr test.
 
 Sigh.  Paragraphs 4 and 5 of _this_ PR:
 
 # ran on the host
 # /root >sysctl net.inet.ip.fw.verbose
 net.inet.ip.fw.verbose: 1
 
 # /root >sysctl net.inet.ip.fw.verbose_limit
 net.inet.ip.fw.verbose_limit: 0
 
  > > Strange that there were not even normal bootup messages on the host?
  > 
  > Thats because I deleted all content before running this test to make the
  > output simple. What purpose would showing boot messages serve?
 
 You may find tail(1) useful.
 
 Ian