
Re: pflogd - remote login? (syslog @loghost style)



On Wed, Apr 10, 2002 at 12:46:18PM +0800, Andrew Shugg wrote:
> 
> The net4501 has an option of a second serial port; I suppose you could
> hook a cable up to it and have pflogd write to the appropriate tty or
> cua device[1] instead of to the standard log file.

Would have to go and cut holes in the pretty green box then. 8)

> 
> You could also use one of the (several) network interfaces as a private
> "control" interface to retrieve and rotate the logfiles over ssh.  Or

Unless they are all in use or need to be logged across a WAN. Still ssh
is a valid transport.

> the /var/log/pflog file could be a named pipe to an ssh process going
> out the private interface to your logging/console system.

Hmm, pipe with ssh auto-tunneling might work well.  

The best suggestion (from a prior email here which I missed in the
mailing list search engine) I've seen was a scp/cron transfer of the
binary file. 


> [1] I foolishly can't remember which of tty? or cua? is the more
>     appropriate for writing to as a logging process

I guess the man page is good here. ;)

     Whereas the dial-in device (the tty) normally requires a hardware signal
     to indicate to the system that it is active, the dial-out device (the
     cua) does not, and hence can communicate unimpeded with a device such as
     a modem.  This means that a process like getty(8) will wait on a dial-in
     device until a connection is established.  Meanwhile, a dial-out
     connection can be established on the dial-out device (for the very same
     hardware terminal port) without disturbing anything else on the system.  The
     getty(8) process does not even notice that anything is happening on the



-- 
Nicholas Lee - nj.lee at plumtree.co dot nz, somewhere on the fish Maui caught.
gpg. 8072 4F86 EDCD 4FC1 18EF  5BDD 07B0 9597 6D58 D70C            icq. 1612865 

                         Quixotic Eccentricity
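
Added example (not part of the original message): a cron-driven form of the scp transfer of the binary pflog file suggested above. The host, account, paths and key file are placeholder assumptions, and it relies on pflogd(8) reopening its log file on SIGHUP.

```shell
#!/bin/sh
# Rotate pflogd's binary capture and copy it to a log host over ssh.
# Every default below is a placeholder assumption, not a value from the thread.
PFLOG=${PFLOG:-/var/log/pflog}
SPOOL=${SPOOL:-/var/log/pflog.spool}
LOGHOST=${LOGHOST:-pflog@loghost.example.net}
REMOTE_DIR=${REMOTE_DIR:-/var/log/remote-pflog}
SSH_KEY=${SSH_KEY:-/root/.ssh/pflog_ship}   # dedicated key, restricted on the log host

# pflogd(8) closes and reopens its log file when it receives SIGHUP.
reopen_pflogd() {
    pkill -HUP -x pflogd
}

# Move the live capture into the spool, recreate an empty log, signal pflogd.
rotate_pflog() {
    [ -s "$PFLOG" ] || return 0                 # nothing captured yet
    mkdir -p "$SPOOL" && chmod 700 "$SPOOL" || return 1
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    mv "$PFLOG" "$SPOOL/pflog.$stamp" || return 1
    ( umask 077; : > "$PFLOG" ) || return 1     # new log readable by root only
    reopen_pflogd
}

# Transport for one file: batch mode, no prompts, unknown host keys rejected.
send_file() {
    scp -q -B -i "$SSH_KEY" -o StrictHostKeyChecking=yes \
        "$1" "$LOGHOST:$REMOTE_DIR/"
}

# Ship every spooled capture; delete locally only after a successful copy,
# so a WAN outage leaves the files queued for the next cron run.
ship_spool() {
    failed=0
    for f in "$SPOOL"/pflog.*; do
        [ -f "$f" ] || continue
        if send_file "$f"; then rm -f "$f"; else failed=$((failed + 1)); fi
    done
    return "$failed"
}

# Run from cron as: /usr/local/sbin/pflog-ship run   (hypothetical path)
if [ "${1:-}" = run ]; then
    rotate_pflog && ship_spool
fi
```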