DragonFly bugs List (threaded) for 2004-08
Re: Strange ipfw messages in /var/log/messages
Matthew Dillon wrote:
I have no idea ... it kinda looks like ipfw is trying to log
something but it's virtually unreadable. Are you loading ipfw
as a module? Maybe the module is out of date with the kernel.
No, IPFIREWALL and IPFIREWALL_VERBOSE are compiled into the kernel.
kernel, modules and world were recompiled just a few days ago.
I am guessing you have 'log' directives in your ipfw.conf
somewhere and that the log messages are related to those
I do have 'log' directives in my ipfw.conf and 99.9% of the time
filtered packets are logged correctly to /var/log/security but somehow a
few of them are trashed and have the wrong syslog facilities and levels
(e.g., kern.crit or user.err instead of the normal security.info). Hence
the wrong log file (/var/log/messages instead of /var/log/security).
I have the feeling that the same thing that's trashing the log messages
is also responsible for the (seemingly) random assignment of syslog
facility and level. Maybe some sort of overrun? There was pretty much
firewall activity at some of the times where the misdirected logs
occured. The machine is a 400MHz PII.