Re: [syslog-ng] ipfw logging

Ilya

31 May 2000 31 May '00

11:57 p.m.

ok i tried /dev/log - no result, same thing - ipfw is not being logged anywhere. i noiced that i am not the only one with this problem. the other person from japan seems to have similar issue. ---------- Original Message ---------------------------------- From: "Ilya" <maillist@krel.org> Reply-To: syslog-ng@venus.terrasoft.hu Date: Wed, 31 May 2000 01:36:19 -0400

...

I am running on Freebsd 4.0 stable. i just kept it the way documentation and examples have it and had no problem except with ipfw

Show replies by date

Dan Rich

1 Jun 1 Jun

1:03 a.m.

New subject: ipfw logging

On Wed, 31 May 2000, Ilya wrote:

...

ok i tried /dev/log - no result, same thing - ipfw is not being logged anywhere. i noiced that i am not the only one with this problem. the other person from japan seems to have similar issue.

I don't have the whole thread, so this may already have been covered... I believe ipfw is logged via. the kernel like ipchains. Do you have the kernel logging device in your syslog-ng config file? On Linux, you need to add: file("/proc/kmsg"); to your source statement and then you can kill klogd. -- Dan Rich <drich@employees.org> | http://www.employees.org/~drich/ | "Danger, you haven't seen the last of me!" | "No, but the first of you turns my stomach!" | -- The Firesign Theatre's Nick Danger

Balazs Scheidler

10:04 a.m.

New subject: ipfw logging

...

...
ok i tried /dev/log - no result, same thing - ipfw is not being logged anywhere. i noiced that i am not the only one with this problem. the other person from japan seems to have similar issue.

I don't have the whole thread, so this may already have been covered...

I believe ipfw is logged via. the kernel like ipchains. Do you have the kernel logging device in your syslog-ng config file? On Linux, you need to add: file("/proc/kmsg"); to your source statement and then you can kill klogd.

I think he uses FreeBSD, and /proc/kmsg is Linux specific. (and even under linux, using klogd is recommended, since it preprocesses some kernel messages) FreeBSD uses a special character device named /dev/klog for kernel logging. It _should_ work with file s_kern { file("/dev/klog"); }; If it doesn't, then tell me how to generate some kernel messages under FreeBSD. I have it installed, but since I'm not that much experienced in it, I can't test whether kernel messages arrive or not. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt

Ilya

3:23 p.m.

New subject: ipfw logging

source src1 { file("/dev/klog"); }; yep thsi worked! thx a lot, sorry about this ----- Original Message ----- From: "Balazs Scheidler" <bazsi@balabit.hu> To: <syslog-ng@venus.terrasoft.hu> Sent: Thursday, June 01, 2000 5:04 AM Subject: Re: [syslog-ng] ipfw logging

...

...
...
ok i tried /dev/log - no result, same thing - ipfw is not being logged anywhere. i noiced that i am not the only one with this problem. the other person from japan seems to have similar issue.

I don't have the whole thread, so this may already have been covered...

I believe ipfw is logged via. the kernel like ipchains. Do you have the kernel logging device in your syslog-ng config file? On Linux, you need to add: file("/proc/kmsg"); to your source statement and then you can kill klogd.

I think he uses FreeBSD, and /proc/kmsg is Linux specific. (and even under linux, using klogd is recommended, since it preprocesses some kernel messages)

FreeBSD uses a special character device named /dev/klog for kernel logging. It _should_ work with

file s_kern { file("/dev/klog"); };

If it doesn't, then tell me how to generate some kernel messages under FreeBSD. I have it installed, but since I'm not that much experienced in it, I can't test whether kernel messages arrive or not.

-- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt

_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu http://lists.balabit.hu/mailman/listinfo/syslog-ng

Hideyuki Nishiyama

2 Jun 2 Jun

12:30 a.m.

New subject: Re^2: ipfw logging

Thanks Balazs Scheidler. Balazs> FreeBSD uses a special character device named /dev/klog for kernel logging. Balazs> It _should_ work with Balazs> Balazs> file s_kern { file("/dev/klog"); }; Balazs> Balazs> If it doesn't, then tell me how to generate some kernel messages under Balazs> FreeBSD. I have it installed, but since I'm not that much experienced in Balazs> it, I can't test whether kernel messages arrive or not. I can contribute a little, but at once, I report corectly console messagewhen syslog-ng run on FreeBSD. I tested on FreeBSD 4.0-RELEASE, and on 2.2.8-RELEASE. Then I used syslog-ng-1.4.3 and libol-0.2.6. my syslog-ng.conf: options { long_hostname(off); sync(0);}; source src { file("/dev/klog"); internnal();}; destination messages { file("/var/log/messages"); }; log { source(src); destination(messages);}; On FreeBSD 4.0-RELEACE, the same on 2.2.8-RELEACE, console messages is Error opening file /dev/klog for reading (Device busy) Error initializing configuration, existing. Then syslog-ng has finished. ------------------------------------------------------------ __ * * 新日本気象海洋株式会社＼ / * * * 環境情報本部 || * 情報システムグループ || * 　西山英之 --------------i 　　　　　　　　　hideyuki@yk.metocean.co.jp ‾ ‾ ‾ ‾‾ ‾ ‾‾ ‾ ‾ ‾‾ ‾‾ ‾‾ ‾ ‾‾‾

9235

Age (days ago)

9236

Last active (days ago)

List overview

Download

4 comments

4 participants

participants (4)

Balazs Scheidler
Dan Rich
Hideyuki Nishiyama
Ilya