16th March 2009
da1

Quote:
Originally Posted by J65nko
No, I haven't. Thx for the link.

Now, after reading the link I added an extra "-n" option to my rc.conf (although it is not required). Still, no changes. Logging works, but it logs to /var/log/messages. Will look harder into it.

Here is the last output (after I added the "-n" option)
Code:
7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FILE: /var/log/router.log (ppp)
logmsg: pri 56, flags 4, from da1, msg syslogd: restart
syslogd: restarted
logmsg: pri 6, flags 4, from da1, msg syslogd: kernel boot file is /boot/kernel/kernel
Logging to FILE /var/log/messages
syslogd: kernel boot file is /boot/kernel/kernel
logmsg: pri 166, flags 17, from da1, msg Mar 16 05:32:40 <syslog.err> da1 syslogd: exiting on signal 2
cvthname(192.168.0.1)
validate: dgram from IP 192.168.0.1, port 2052, name 192.168.0.1;
accepted in rule 0.
logmsg: pri 14, flags 0, from 192.168.0.1, msg Mar 16 04:39:14 kernel: DROP IN=ppp0 OUT= MAC= SRC=222.58.96.73 DST=79.113.14.176 LEN=126 TOS=0x04 PREC=0x00 TTL=44 ID=18776 PROTO=UDP SPT=32610 DPT=52037 LEN=106
Logging to FILE /var/log/messages
cvthname(192.168.0.1)
validate: dgram from IP 192.168.0.1, port 2052, name 192.168.0.1;
accepted in rule 0.
logmsg: pri 14, flags 0, from 192.168.0.1, msg Mar 16 04:39:15 kernel: DROP IN=ppp0 OUT= MAC= SRC=79.173.193.164 DST=79.113.14.176 LEN=44 TOS=0x04 PREC=0x00 TTL=109 ID=64153 PROTO=UDP SPT=58158 DPT=1513 LEN=24
Logging to FILE /var/log/messages
cvthname(192.168.0.1)
validate: dgram from IP 192.168.0.1, port 2052, name 192.168.0.1;
accepted in rule 0.
logmsg: pri 14, flags 0, from 192.168.0.1, msg Mar 16 04:39:16 kernel: DROP IN=ppp0 OUT= MAC= SRC=60.15.177.166 DST=79.113.14.176 LEN=622 TOS=0x04 PREC=0x00 TTL=50 ID=0 DF PROTO=UDP SPT=34796 DPT=1026 LEN=602
Logging to FILE /var/log/messages
^Csyslogd: exiting on signal 2
syslogd: exiting on signal 2
logmsg: pri 53, flags 4, from da1, msg syslogd: exiting on signal 2
Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages


le: Here's my syslogd.conf file. I can't spot any mistakes, can you?
Code:
# $FreeBSD: src/etc/syslog.conf,v 1.28.18.1 2008/11/25 02:59:29 kensmith Exp $
#
#       Spaces ARE valid field separators in this file. However,
#       other *nix-like systems still insist on using tabs as field
#       separators. If you are sharing this file between systems, you
#       may want to use only tabs as field separators here.
#       Consult the syslog.conf(5) manpage.
*.err;kern.warning;auth.notice;mail.crit                /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages
security.*                                      /var/log/security
auth.info;authpriv.info                         /var/log/auth.log
mail.info                                       /var/log/maillog
lpr.info                                        /var/log/lpd-errs
ftp.info                                        /var/log/xferlog
cron.*                                          /var/log/cron
*.=debug                                        /var/log/debug.log
*.emerg                                         *
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info                                   /var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
#*.*                                            /var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.*                                            @loghost
# uncomment these if you're running inn
# news.crit                                     /var/log/news/news.crit
# news.err                                      /var/log/news/news.err
# news.notice                                   /var/log/news/news.notice
!startslip
*.*                                             /var/log/slip.log
!ppp
*.*                                             /var/log/ppp.log
+192.168.0.1
*.*                                             /var/log/router.log
+*

le2: hmm, here's a thing I noticed. The line in syslogd.conf that tells the daemon what to log into messages has a "kern.debug" option to it. Makes sense now why it logs to messages; the bsd box considers the actual line logs coming from the kernel of the router. Darn, I wish I could specify a "quick" option.

Last edited by da1; 16th March 2009 at 03:49 AM.
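
The debug dump in the post lists the router rule as `/var/log/router.log (ppp)`. As an added example (not part of the original post), this Python sketch resolves the program and host block each syslog.conf rule falls under, following the syslog.conf(5) rule that a `!program` or `+host` specification stays in effect until it is reset with `*`. `CONF` is a constructed excerpt of the posted file; the function names and the `FIXED` variant with `!*` are assumptions of the example, and selector (facility.level) matching is not modelled.

```python
# Added example (not from the post): which program/host block each rule is under.
# CONF is a constructed excerpt mirroring the tail of the posted syslog.conf.
CONF = """\
*.notice;kern.debug   /var/log/messages
!startslip
*.*                   /var/log/slip.log
!ppp
*.*                   /var/log/ppp.log
+192.168.0.1
*.*                   /var/log/router.log
+*
"""
# Assumed variant: reset the program block before opening the host block.
FIXED = CONF.replace("+192.168.0.1", "!*\n+192.168.0.1")

def effective_rules(text):
    """Return (selector, action, program, host) for each rule line."""
    program, host, rules = "*", "*", []
    for raw in text.splitlines():
        line = raw.strip()
        if line[:2] in ("#!", "#+", "#-"):   # block specs may carry a leading '#'
            line = line[1:]
        if not line or line.startswith("#"):
            continue
        if line[0] == "!":                   # program block; '!*' resets it
            program = line[1:].strip() or "*"
        elif line[0] in "+-":                # host block; '+*' resets it
            name = line[1:].strip()
            host = "*" if name == "*" else line[0] + name
        else:
            parts = line.split(None, 1)      # selector, then action
            if len(parts) == 2:
                rules.append((parts[0], parts[1].strip(), program, host))
    return rules

def block_allows(rule, msg_host, msg_program):
    """Program/host block filter only, for a message from msg_host tagged msg_program."""
    _, _, program, host = rule
    prog_ok = program == "*" or msg_program in program.split(",")
    host_ok = host == "*" or (msg_host == host[1:]) == (host[0] == "+")
    return prog_ok and host_ok

def rule_for(rules, action):
    return next(r for r in rules if r[1] == action)

if __name__ == "__main__":
    for conf in (CONF, FIXED):
        r = rule_for(effective_rules(conf), "/var/log/router.log")
        print(r, block_allows(r, "192.168.0.1", "kernel"))
```
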