Date: Thu, 21 Sep 2000 18:48:00 -0500 From: "Jonel Rienton" <jmr@freebsduser.org> To: <freebsd-questions@FreeBSD.ORG>, "Oscar Ricardo Silva" <oscars@mail.utexas.edu> Subject: Re: Attempting to use syslogd with "-a" option Message-ID: <000d01c02426$6072b020$17161d0a@jonelrienton.org> References: <4.3.2.7.2.20000921181334.00b12180@mail.utexas.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
hi, i'm actually using hostnames instead of ip addr, but i'm sure the ip addr works as well, my receiving box runs syslogd like: syslogd -a homer.developers.local and my sending box has: *.* @marge.developers.local in /etc/syslog.conf hth. Jonel Rienton http://qmail.freebsduser.org sent by qmail-1.03 on a FreeBSD 4.1-STABLE ----- Original Message ----- From: "Oscar Ricardo Silva" <oscars@mail.utexas.edu> To: <freebsd-questions@FreeBSD.ORG> Sent: Thursday, September 21, 2000 6:21 PM Subject: Attempting to use syslogd with "-a" option | I'm trying to enable logging from other hosts to my machine. The loghost | machine is running FreeBSD 4.1-STABLE, one of the test machines has FreeBSD | 4.1-STABLE and the other Red Hat Linux 6.2. When I start the syslogd | daemon with the "-a" switch | | syslod -a 1.2.3.4/24 -a 1.2.3.5/24 | | (I've also tried without the masklen, the "/24" with the same results) | | I see that syslog messages from the test machines are being rejected: | | validate: dgram from IP 1.2.3.4, port 514, name test1.foo.com; | rejected in rule 0 due to IP mismatch. | rejected in rule 1 due to IP mismatch. | cvthname(1.2.3.4) | validate: dgram from IP 1.2.3.5, port 514, name test2.foo.com; | rejected in rule 0 due to IP mismatch. | rejected in rule 1 due to IP mismatch. | | | The test machines have the line: | | *.* @1.2.3.10 | | where 1.2.3.10 is supposed to be my machine (and yes, those are tabs | between the *.* and the "@") | | I tried running tcpdump on loghost and saw that syslog messages were being | sent out and that they were coming into my machine: | | 17:48:00.325121 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 62 | 17:48:08.424073 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 69 | 17:48:08.424532 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 80 | 17:48:08.425285 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 91 | 17:48:21.796066 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 62 | 17:48:24.305533 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 71 | 17:48:24.306488 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 82 | 17:48:24.307487 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 93 | 17:49:36.977318 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 71 | 17:49:36.977713 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 70 | 17:49:42.116968 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 71 | 17:49:42.117367 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 70 | 17:49:47.662878 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 58 | | | | I checked mailing list archives and all I found were other people having | problems running with the "-a" option but no responses. The Complete | FreeBSD didn't have much to say on remote logging. | | Any information would be appreciated. | | | | Oscar | | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-questions" in the body of the message | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000d01c02426$6072b020$17161d0a>