Re: firewall messages to syslogd
On Oct 29, 2005, at 10:32 PM, Daniel Molina Wegener wrote: Hello, How can I add firewall log messages to syslogd, I have added the following lines to the syslog.conf: # router +router *.* /var/log/router.log Also, syslogd is running with the flag -a with the ip address of the firewall -- the mask, and service. The computer receive the packets to the 514 port -- I've used tcpdump to log the packets -- but the messages are not logged into the router.log file. Try the following in your /etc/syslog.conf file, assuming you're using ipfw as your firewall: #ipfw logging !ipfw *.*/var/log/router.log Now, perform the following command, assuming your running FreeBSD 5.x+: # touch /var/log/router.log chmod 0600 /var/log/router.log /etc/ rc.d/syslogd restart Let me know what happens - Eric F Crist Secure Computing Networks http://www.secure-computing.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: firewall messages to syslogd
On Sun, Oct 30, 2005 at 09:22:39AM -0600, Eric F Crist wrote: On Oct 29, 2005, at 10:32 PM, Daniel Molina Wegener wrote: Hello, How can I add firewall log messages to syslogd, I have added the following lines to the syslog.conf: # router +router *.* /var/log/router.log Also, syslogd is running with the flag -a with the ip address of the firewall -- the mask, and service. The computer receive the packets to the 514 port -- I've used tcpdump to log the packets -- but the messages are not logged into the router.log file. Try the following in your /etc/syslog.conf file, assuming you're using ipfw as your firewall: No, the problem was while I trying to retreive syslog messages from a firewall. #ipfw logging !ipfw *.*/var/log/router.log That's OK, and works well, the problem was with an external firewall/router sending messages to syslogd, port 514. This needs the use of +host_name to log messages from the host_name machine. Well, now it works... Now, perform the following command, assuming your running FreeBSD 5.x+: # touch /var/log/router.log chmod 0600 /var/log/router.log /etc/ rc.d/syslogd restart Let me know what happens Now syslogd is receiving messages from the firewall :) Thanks... - Eric F Crist Secure Computing Networks http://www.secure-computing.net [SNIP] Regards -- . 0 . | Daniel Molina Wegener . . 0 | dmw at unete dot cl 0 0 0 | FreeBSD Power User ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
firewall messages to syslogd
Hello, How can I add firewall log messages to syslogd, I have added the following lines to the syslog.conf: # router +router *.* /var/log/router.log Also, syslogd is running with the flag -a with the ip address of the firewall -- the mask, and service. The computer receive the packets to the 514 port -- I've used tcpdump to log the packets -- but the messages are not logged into the router.log file. Thanks. Regards -- . 0 . | Daniel Molina Wegener . . 0 | dmw at unete dot cl 0 0 0 | FreeBSD Power User ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]