I was thinking about this just now, and I agree. I personally dump
all tcpd and ssh related log messages into LOCAL7, but I'd be happy
enough with LOG_AUTH.

cjs

Curt Sampson    cjs@portal.ca		Info at http://www.portal.ca/
Internet Portal Services, Inc.	
Vancouver, BC   (604) 257-9400		De gustibus, aut bene aut nihil.

On Wed, 4 Dec 1996, Monroe Williams wrote:

> Date: Wed, 4 Dec 1996 12:38:29 -0800
> From: Monroe Williams <monroe@pobox.com>
> To: current-users@NetBSD.ORG
> Subject: Question about recent libwrap changes
> 
> Shouldn't the libwrap messages from 'inetd -l' be logged with facility
> LOG_AUTHPRIV or LOG_AUTH instead of LOG_DAEMON?  This would make it much
> easier for all of the authorization-related messaged to be collected in
> one place by syslog.  
> 
> It looks like this could be done by changing the initialization of
> allow_severity and deny_severity in inetd to include the preferred facility.
> sendmail might also benefit from a similar change.
> 
> -- monroe  
> 
> 
>