Update the IPMON section by making it suitable for 5.X (and reference
4.X for people still using 4.X). PR: docs/79543 Submitted by: <fbsd_user at a1poweruser dot com>
This commit is contained in:
Remko Lodder
parent
27b1aa7155
commit
280011b864
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=24478
1 changed files with 15 additions and 7 deletions
|
|
@ -766,10 +766,11 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
|
||||||
<para><application>Syslogd</application> uses its own special
|
<para><application>Syslogd</application> uses its own special
|
||||||
method for segregation of log data. It uses special groupings
|
method for segregation of log data. It uses special groupings
|
||||||
called <quote>facility</quote> and <quote>level</quote>. IPMON
|
called <quote>facility</quote> and <quote>level</quote>. IPMON
|
||||||
in <option>-Ds</option> mode uses <literal>local0</literal> as
|
in <option>-Ds</option> mode uses <literal>security</literal>
|
||||||
the <quote>facility</quote> name. All IPMON logged data goes
|
(<literal>local0</literal>in 4.X) as the <quote>facility</quote>
|
||||||
to <literal>local0</literal>. The following levels can be used
|
name. All IPMON logged data goes to <literal>security</literal>
|
||||||
to further segregate the logged data if desired:</para>
|
(<literal>local0</literal>in 4.X). The following levels can be
|
||||||
|
used to further segregate the logged data if desired:</para>
|
||||||
|
|
||||||
<screen>LOG_INFO - packets logged using the "log" keyword as the action rather than pass or block.
|
<screen>LOG_INFO - packets logged using the "log" keyword as the action rather than pass or block.
|
||||||
LOG_NOTICE - packets logged which are also passed
|
LOG_NOTICE - packets logged which are also passed
|
||||||
|
|
@ -791,12 +792,19 @@ LOG_ERR - packets which have been logged and which can be considered short</scre
|
||||||
by software applications like IPF.</para>
|
by software applications like IPF.</para>
|
||||||
|
|
||||||
<para>Add the following statement to
|
<para>Add the following statement to
|
||||||
<filename>/etc/syslog.conf</filename>:</para>
|
<filename>/etc/syslog.conf</filename> for &os; 5.X and
|
||||||
|
later:</para>
|
||||||
|
|
||||||
|
<programlisting>security.* /var/log/ipfilter.log</programlisting>
|
||||||
|
|
||||||
|
<para>Or add the following statement to
|
||||||
|
<filename>/etc/syslog.conf</filename> for &os; 4.X:</para>
|
||||||
|
|
||||||
<programlisting>local0.* /var/log/ipfilter.log</programlisting>
|
<programlisting>local0.* /var/log/ipfilter.log</programlisting>
|
||||||
|
|
||||||
<para>The <literal>local0.*</literal> means to write all the
|
<para>The <literal>security.*</literal> (<literal>local0</literal>
|
||||||
logged messages to the coded file location.</para>
|
for 4.X) means to write all the logged messages to the coded
|
||||||
|
file location.</para>
|
||||||
|
|
||||||
<para>To activate the changes to <filename>/etc/syslog.conf
|
<para>To activate the changes to <filename>/etc/syslog.conf
|
||||||
</filename> you can reboot or bump the syslog task into
|
</filename> you can reboot or bump the syslog task into
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue