From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Rymes To: development@lists.ipfire.org Subject: Re: [PATCH 2/2] ipsec: Silence charon Date: Wed, 05 Feb 2020 10:25:59 -0500 Message-ID: <3492ce27-f15e-3154-ad42-f2e4a1857ef9@rymes.com> In-Reply-To: <20200205112425.20108-2-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============9005281157149030500==" List-Id: --===============9005281157149030500== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable May I suggest that we also move the IPSec logging into its own file? It=20 seems to me that, even with verbosity reduced, having it in=20 /var/log/messages makes it a pain to locate anything else in the kernel log. Tom On 02/05/2020 6:24 AM, Michael Tremer wrote: > Charon has some verbose logging enabled by default. This clutters > the logs a lot. >=20 > This patch disables debug logging but still lets charon log important > messages like tunnels that are going up or down. >=20 > Signed-off-by: Michael Tremer > --- > html/cgi-bin/vpnmain.cgi | 3 +++ > 1 file changed, 3 insertions(+) >=20 > diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi > index b3cd3e51e..d2bc70a27 100644 > --- a/html/cgi-bin/vpnmain.cgi > +++ b/html/cgi-bin/vpnmain.cgi > @@ -266,6 +266,9 @@ sub writeipsecfiles { > flock CONF, 2; > flock SECRETS, 2; > print CONF "version 2\n\n"; > + print CONF "config setup\n"; > + print CONF "\tcharondebug=3D\"dmn 0, mgr 0, ike 0, chd 0, job 0, cfg 0, k= nl 0, net 0, asn 0, enc 0, lib 0, esp 0, tls 0, tnc 0, imc 0, imv 0, pts 0\"\= n"; > + print CONF "\n"; > print CONF "conn %default\n"; > print CONF "\tkeyingtries=3D%forever\n"; > print CONF "\n"; >=20 --===============9005281157149030500==--