error in the FBSD handbook sec 28.5.7 IPMON Logging

Hello 

The handbook seems to be wrong in section 28.5.7 IPMON Logging:

 	"Add the following statement to /etc/syslog.conf:
 		security.* /var/log/ipfilter.log

 	 The security.* means to write all the logged
 	 messages to the coded file"

It appears that instead of "security" one must use "local0".

According to the IPF FAQ:
 	http://www.phildev.net/ipf/IPFipmon.html#ipmon1

 	Q. I have IPMon logging to syslog, but syslog doesn't
 	   log anything, why not?

 	A. IPF logs as local0 so you'll want something to the effect of:
 	   local0.debug /var/log/ipf.log in your syslog.conf.
 	   NOTE: There has to be atleast one TAB in that line, not just spaces.

I got my ipmon logging working only after I changed
"security.*" to "local0.*" in /etc/syslog.conf:

# grep local0 /etc/syslog.conf
local0.*        /var/log/ipfilter.log
#

I was also told in the fbsd-questions mailing list
(I haven't checked this myself) that:

"The weird thing is the following:
http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/ipfilter/tools/ipmon.c?rev=1.4.2.2
#ifndef	LOGFAC
#define	LOGFAC	LOG_LOCAL0
#endif

In the contrib/ipfilter/Makefile it is set to security, but...freebsd builds 
with src/sbin/ipf/ipmon and there it is indeed LOG_LOCAL0."

The full thread which led to this resolution is here:
http://lists.freebsd.org/pipermail/freebsd-questions/2008-February/169638.html

many thanks
anton

-- 
Anton Shterenlikht
Room 2.6, Queen's Building
Mech Eng Dept
Bristol University
University Walk, Bristol BS8 1TR, UK
Tel: +44 (0)117 928 8233 
Fax: +44 (0)117 929 4423
_______________________________________________
freebsd-doc@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-doc
To unsubscribe, send any mail to "freebsd-doc-unsubscribe@freebsd.org"