ipmon logs to messages AND security
I have just installed IPFILTER as a replacement for IPFW. All is great besides the fact that ipf logs are being stored not only in /etc/security, but also /etc/messages. I don't want ipf logs in /etc/messages. In rc.conf, after enabling ipfilter i have the following lines: ipmon_enable=YES#Start ip monitor log ipmon_flags=-Ds #s=log to syslog, D=start as daemon Then in syslogd.conf i have: *.notice;authpriv.none;local0.none;mail.crit var/log/messages local0.* /var/log/security Shouldn't the local0.none prevent ipf logs from being entered in messages? Where am i going wrong? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: ipmon logs to messages AND security
Changes to /etc/syslog.conf do not take effect until you tell the syslog task to re-read the conf file. You do that be issuing an HUP signal to the syslog task. Kill -HUP PID where PID is the task number from the ps ax command. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gareth Bailey Sent: Monday, May 17, 2004 6:55 AM To: [EMAIL PROTECTED] Subject: ipmon logs to messages AND security I have just installed IPFILTER as a replacement for IPFW. All is great besides the fact that ipf logs are being stored not only in /etc/security, but also /etc/messages. I don't want ipf logs in /etc/messages. In rc.conf, after enabling ipfilter i have the following lines: ipmon_enable=YES#Start ip monitor log ipmon_flags=-Ds #s=log to syslog, D=start as daemon Then in syslogd.conf i have: *.notice;authpriv.none;local0.none;mail.crit var/log/messages local0.* /var/log/security Shouldn't the local0.none prevent ipf logs from being entered in messages? Where am i going wrong? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipmon logs to messages AND security
Hi there, thanks for the sample rules and help in setting up IPF. I have restarted since making the changes to syslogd.conf. I HUP'd syslogd anyway, still no luck. All ipf logs go to security and messages! Can you think of anything else that i might do? Thanks Gareth On Mon, 17 May 2004 07:43:34 -0400 JJB [EMAIL PROTECTED] wrote: Changes to /etc/syslog.conf do not take effect until you tell the syslog task to re-read the conf file. You do that be issuing an HUP signal to the syslog task. Kill -HUP PID where PID is the task number from the ps ax command. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gareth Bailey Sent: Monday, May 17, 2004 6:55 AM To: [EMAIL PROTECTED] Subject: ipmon logs to messages AND security I have just installed IPFILTER as a replacement for IPFW. All is great besides the fact that ipf logs are being stored not only in /etc/security, but also /etc/messages. I don't want ipf logs in /etc/messages. In rc.conf, after enabling ipfilter i have the following lines: ipmon_enable=YES#Start ip monitor log ipmon_flags=-Ds #s=log to syslog, D=start as daemon Then in syslogd.conf i have: *.notice;authpriv.none;local0.none;mail.crit var/log/messages local0.* /var/log/security Shouldn't the local0.none prevent ipf logs from being entered in messages? Where am i going wrong? Thanks Gareth _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipmon logs to messages AND security
On Mon, 2004-05-17 at 13:53, Gareth Bailey wrote: Hi there, thanks for the sample rules and help in setting up IPF. I have restarted since making the changes to syslogd.conf. I HUP'd syslogd anyway, still no luck. All ipf logs go to security and messages! Can you think of anything else that i might do? Rather use: ipmon_flags=-Dn /var/log/security Cheers, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. signature.asc Description: This is a digitally signed message part
RE: ipmon logs to messages AND security
Your solution of not using the syslog function does not answer his question. This is bad advice. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Nelis Lamprecht Sent: Monday, May 17, 2004 7:57 AM To: Gareth Bailey Cc: [EMAIL PROTECTED] Subject: Re: ipmon logs to messages AND security On Mon, 2004-05-17 at 13:53, Gareth Bailey wrote: Hi there, thanks for the sample rules and help in setting up IPF. I have restarted since making the changes to syslogd.conf. I HUP'd syslogd anyway, still no luck. All ipf logs go to security and messages! Can you think of anything else that i might do? Rather use: ipmon_flags=-Dn /var/log/security Cheers, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: ipmon logs to messages AND security
On Mon, 2004-05-17 at 14:11, JJB wrote: Your solution of not using the syslog function does not answer his question. This is bad advice. Quoted Can you think of anything else that i might do? and answered: Rather use: ipmon_flags=-Dn /var/log/security This is not bad advice, I was offering a solution to his problem. -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. signature.asc Description: This is a digitally signed message part
Re: ipmon logs to messages AND security
Thanks for the advice ;-), changing the ipmon_flags did the trick. Regards, Gareth On Mon, 17 May 2004 14:39:44 +0200 Nelis Lamprecht [EMAIL PROTECTED] wrote: On Mon, 2004-05-17 at 14:11, JJB wrote: Your solution of not using the syslog function does not answer his question. This is bad advice. Quoted Can you think of anything else that i might do? and answered: Rather use: ipmon_flags=-Dn /var/log/security This is not bad advice, I was offering a solution to his problem. -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc Unix IS user friendly.. It's just selective about who its friends are. _ For super low premiums ,click here http://www.dialdirect.co.za/quote ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]