my logs. big. lots of stuff. meanings escape me.
i can configure what gets logged or not via the syslog.conf
files, but when a program logs something, it's not relevant
to the logger itself.
i know what RTFM means... so rWfm means "read _which_ manual?"
==
A) ipfwadm logging:
in my syslog i see that ipfwadm spits out (because of its
"-o" option) text like this:
May 3 18:48:53 www kernel: IP fw-fwd deny eth1
TCP 192.168.1.100:1248 152.19.254.81:80
L=48 S=0x00 I=2471 F=0x0040 T=254
'man ipfwadm' says "-o logs via klogd" but not what the output is.
where do i find out what the L= S= I= F= and T= mean?
is the first #.#.#.# source and the second #.#.#.# destination
or vice-versa?
==
B) named/bind/dns logging:
B.1) no TTL?
when 'ndc reload' generates errors in the log like this
May 3 06:46:15 server named[19322]:
Zone "myserver.com" (file /etc/bind/myserver):
No default TTL set using SOA minimum instead
although the zone file has all five values in it,
@ IN SOA myserver.com. root.myserver.com. (
200004191 ; Serial
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Default TTL
TXT "my web site"
NS ns.myserver.com.
www CNAME @
ns A 10.11.12.13
where do i look, so i'll know if it's okay to ignore this
"no TTL" message?
B.2) NSTATS?
then, named, in its normal course of events, logs messages
like this now and then (hourly, in fact--but not via crontab):
Apr 12 22:21:08 server named[19322]:
NSTATS 955596068 955588868 A=1 MX=4
('man named' gives me the old-style named configuration info:
after an "apt-get" i've got a named that now looks in /etc/bind/*
instead of /etc/named.conf; plus, there's no "log" directives
in the old file, anyway... and 'ndc /help' yields an error?)
how do i find out what this means?
