Date: Mon, 12 May 2014 16:08:52 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Chris H <bsd-lists@bsdforge.com> Cc: freebsd-ipfw@freebsd.org, "Ronald F. Guilmette" <rfg@tristatelogic.com> Subject: Re: Where do the boot time messages go? Message-ID: <20140512152327.A11699@sola.nimnet.asn.au> In-Reply-To: <8fb4ad9509f5ec232873ade4f2f3128c.authenticated@ultimatedns.net> References: <1756.1399868907@server1.tristatelogic.com> <8fb4ad9509f5ec232873ade4f2f3128c.authenticated@ultimatedns.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 11 May 2014 21:44:26 -0700, Chris H wrote: [Ronald F. Guilmette wrote:] > > In my /etc/rc.conf file, I have the following (among other things): > > > > firewall_enable="YES" > > firewall_type="/etc/fw.rules" > > firewall_logging="YES" > > > > And of course, on my system, the /etc/fw.rules file is full of ipfw > > "add" commands. > > > > During a normal boot of FreeBSD, I can see those add commands being > > processed. They are shown, briefly, whizzing by, on the console. > > > > During a recent reboot, I also saw something at about the same time > > that looked like it might possibly have been some sort of ipfw error > > or warning message. > > > > I would like to investigate. Instead of "ipfw add", if you use "ipfw -q add" those rule listings will not appear on the console. Any error messages - issued on stderr rather than stdout - should still appear without all the others. While they may still not get logged, you should be able to see them without all the 'whizzing by' at that stage of post-boot processing, and scrolling back the VT0 root console should reveal it/them. > > Unfortunately it appears that all of the console messages that are > > being logged, during the time when ipfw is processing my local firewall > > rules file, are not in fact stored into either /var/log/messages nor > > even into /var/log/security. (I know. I looked.) That's true .. fortunately, in general. > > So, um, where do these messages go, exactly? > > I really would like to have a look at the ones from the last boot. Any ipfw command issued without -q writes any resultant rule to stdout. > While unlikely, have a look at /var/run/dmesg.boot. Worth a try. > I see you have: firewall_logging="YES" > Isn't it possible to DEFINE the firewall LOG? :) > In other words; you ask it to log, but don't tell it WHERE. :) > Doing so should provide the answers you're looking for. In /etc/syslog.conf you should see: security.* /var/log/security Nothing but ipfw writes to log facility security, on my systems anyway. > Best wishes. > > --Chris cheers, Ian [off topic] BTW Chris, several days ago your system rejected two direct messages to you as spam. This may be the only way I can let you know. Subtracting 17 hours, this should appear in your mail logs around 02:47 Friday. Reporting-MTA: dns; sola.nimnet.asn.au Received-From-MTA: DNS; localhost Arrival-Date: Fri, 9 May 2014 19:47:26 +1000 (EST) Final-Recipient: RFC822; bsd-lists@bsdforge.com Action: failed Status: 5.0.0 Diagnostic-Code: SMTP; 550 5.0.0 SPAM and BULK mail REJECTED Last-Attempt-Date: Fri, 9 May 2014 19:47:34 +1000 (EST)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140512152327.A11699>