[syslog-ng] ipfw logging
Balazs Scheidler
bazsi@balabit.hu
Thu, 1 Jun 2000 11:04:53 +0200
> > ok i tried /dev/log - no result, same thing - ipfw is not being logged
> > anywhere. i noiced that i am not the only one with this problem. the
> > other person from japan seems to have similar issue.
>
> I don't have the whole thread, so this may already have been covered...
>
> I believe ipfw is logged via. the kernel like ipchains. Do you have the
> kernel logging device in your syslog-ng config file? On Linux, you need
> to add:
> file("/proc/kmsg");
> to your source statement and then you can kill klogd.
I think he uses FreeBSD, and /proc/kmsg is Linux specific. (and even under
linux, using klogd is recommended, since it preprocesses some kernel
messages)
FreeBSD uses a special character device named /dev/klog for kernel logging.
It _should_ work with
file s_kern { file("/dev/klog"); };
If it doesn't, then tell me how to generate some kernel messages under
FreeBSD. I have it installed, but since I'm not that much experienced in
it, I can't test whether kernel messages arrive or not.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt