I am running m0n0wall 1.1 from a generic pc via the cdrom image. It is
outstanding! Thank you.
However, I'm a little new to this and was having a little trouble
setting up remote syslogging to a linux server due to the syslog
facility field set by m0n0wall...messages in the list archive suggested
to set a selector such as ipmon.* in syslog.conf on the linux server but
that didn't work.
A packet capture yielded:
<snip off un-interesting bits..>
User Datagram Protocol, Src Port: syslog (514), Dst Port: syslog (514)
Source port: syslog (514)
Destination port: syslog (514)
Checksum: 0xd7cf (correct)
Syslog message: LOCAL0.WARNING: Aug 31 16:47:21 ipmon: 1...
1000 0... = Facility: LOCAL0 - reserved for local use (16)
.... .100 = Level: WARNING - warning conditions (4)
which clearly shows the facility field is set to LOCAL0 for firewall
So finally the question. Since the syslog facility specifies the
subsystem that produced the message, how can I change that from "local0"
to say "m0n0wall" and hence change my selector in syslog.conf from
local0.* to m0n0wall.*?