Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 14 May 2005 16:20:10 +0200 (CEST)
From:      "Per Berger" <freebsd@stortsett.se>
To:        fbsd_user@a1poweruser.com
Cc:        FreeBSD questions <freebsd-questions@freebsd.org>
Subject:   RE: ipfilter and logging...
Message-ID:  <62310.192.168.214.1.1116080410.squirrel@kalle.stortsett.local>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGAENDHEAA.fbsd_user@a1poweruser.com>
References:  <4285EEDF.4070902@stortsett.se> <MIEPLLIBMLEEABPDBIEGAENDHEAA.fbsd_user@a1poweruser.com>

next in thread | previous in thread | raw e-mail | index | archive | help

On L=F6, 2005-05-14, 15:00, fbsd_user skrev:
>
> add  security.none  to the line for /var/log/messages file to stop
> ipfilter from logging to that file.
>
> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Per Berger
> Sent: Saturday, May 14, 2005 8:28 AM
> To: FreeBSD questions
> Subject: ipfilter and logging...
>
>
> Hi!
>
> So I've installed ipfilter and ipnat with help from the handbook. It
> works great so now my box is connected to my ADSL connection.
>
> But... (there is always a but...)
>
> I am confused regarding logging. The handbook says that I can add
> "security.*" in syslog.conf and specify a logfile to log the
> firewall.
> But there is already an entry in syslog.conf "security.*" from
> install (
> I am running 5.4-RELEASE upgraded from 5.3 via cvsup (which worked
> great
> btw...)) pointing at /var/log/security. And all logging goes to
> /var/log/security. But at least some of it goes also to
> /var/log/messages; seems to be the "final" rules that goes there,
> i.e.
> such as "block in log first quick on fxp0 all".
>
> My syslog.conf looks like this:
>
> "
> ...
> *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
> /var/log/messages
> security.*                                      /var/log/security
> ...
> "
>
> (sorry for truncation, hope you get the picture...)
>
> Now for my question. I do really want a separate log file for
> ipfilter.
> How would a change syslog.conf to separate out the ipfilter logs
> from
> the rest without breaking any other logging? Or, at least, how do I
> change the line for /var/log/messages so that no ipfilter stuff goes
> there without breaking something else?
>
> Sorry if this is obvious stuff but I've searched for the answer but
> is
> only getting more confused the more I search...
>
>
> --
> Per Berger
>
> _
>                                                ASCII ribbon campaign
> ( )
>                                           - against HTML, vCards and
> X
>                                  - proprietary attachments in e-mail
> / \
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
>
>

Thanks! That did it!

/Per

--=20




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?62310.192.168.214.1.1116080410.squirrel>