From owner-freebsd-questions Tue Mar 27 19:52:12 2001 Delivered-To: freebsd-questions@freebsd.org Received: from smtp.atl.mediaone.net (atlasmtp.atl.mediaone.net [65.32.2.34]) by hub.freebsd.org (Postfix) with ESMTP id ABAA637B718 for ; Tue, 27 Mar 2001 19:52:08 -0800 (PST) (envelope-from smnoldelinux@mediaone.net) Received: from mediaone.net (rr-163-52-118.atl.mediaone.net [24.163.52.118]) by smtp.atl.mediaone.net (8.8.7/8.8.7) with ESMTP id WAA24573 for ; Tue, 27 Mar 2001 22:52:06 -0500 (EST) Message-ID: <3AC15FE5.8D2E834C@mediaone.net> Date: Tue, 27 Mar 2001 22:52:05 -0500 From: scott X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-RC i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: syslogd and cisco References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In my experiences, I've only used syslogd_flags="-a 192.168.50.0/24" which will catch all udp from the above specified subnet. Since tcpdump saw everything, this means you are receiving the packets in promiscuous mode. Change the syslogd_flags specification and check to see if your firewall is not blocking them. - Scott Ashby Gochenour wrote: > > Hello Everyone, > I am trying to receive logs from a cisco router on my local network. > I have read all the mail archives and have not found an answer to my > problem. I have /etc/defaults/rc.config set to these values: > > syslogd_enable="YES" > syslogd_flags="-a 192.168.50.0/24:*" > > I have the following in my /etc/syslog.conf: > > local7.debug /var/log/router.log > local7.* /var/log/router.all.log > > These entries were not receiving the logs, so I tried to catch everything > coming to syslogd by: > > *.* /var/log/all.log > > This is logging kernel logs and the norm, but I still see no cisco logs in > here. > > On the cisco router I have the following in the running config: > > logging 192.168.50.199 > > This is the FreeBSD 4.2 machine I want to log to. I did have an additional > line in the config: > > logging trap debugging > > Which I took out as I was not sure this was needed or not. > When I do a show log on the Cisco, I see that it is sending messages to my > host, I am just not getting them. > > Trap logging: level informational, 43 message lines logged > Logging to 192.168.50.199, 13 message lines logged > > I've tried to run tcpdump to see if the > messages are getting there, but I'm not sure what to be looking for > exactly. > > I have read numerous mail archives on people having similar problems, but > have seen no answers that fix this. > > Any advice, hints, fixes much appriciated! > > Ashby Gochenour > Unix Administration > NTELOS > NOC > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message