Date: Tue, 27 Mar 2001 22:52:05 -0500 From: scott <smnoldelinux@mediaone.net> To: freebsd-questions@freebsd.org Subject: Re: syslogd and cisco Message-ID: <3AC15FE5.8D2E834C@mediaone.net> References: <Pine.GSO.4.21.0103271100410.20226-100000@flanders.intelos.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In my experiences, I've only used syslogd_flags="-a 192.168.50.0/24" which will catch all udp from the above specified subnet. Since tcpdump saw everything, this means you are receiving the packets in promiscuous mode. Change the syslogd_flags specification and check to see if your firewall is not blocking them. - Scott Ashby Gochenour wrote: > > Hello Everyone, > I am trying to receive logs from a cisco router on my local network. > I have read all the mail archives and have not found an answer to my > problem. I have /etc/defaults/rc.config set to these values: > > syslogd_enable="YES" > syslogd_flags="-a 192.168.50.0/24:*" > > I have the following in my /etc/syslog.conf: > > local7.debug /var/log/router.log > local7.* /var/log/router.all.log > > These entries were not receiving the logs, so I tried to catch everything > coming to syslogd by: > > *.* /var/log/all.log > > This is logging kernel logs and the norm, but I still see no cisco logs in > here. > > On the cisco router I have the following in the running config: > > logging 192.168.50.199 > > This is the FreeBSD 4.2 machine I want to log to. I did have an additional > line in the config: > > logging trap debugging > > Which I took out as I was not sure this was needed or not. > When I do a show log on the Cisco, I see that it is sending messages to my > host, I am just not getting them. > > Trap logging: level informational, 43 message lines logged > Logging to 192.168.50.199, 13 message lines logged > > I've tried to run tcpdump to see if the > messages are getting there, but I'm not sure what to be looking for > exactly. > > I have read numerous mail archives on people having similar problems, but > have seen no answers that fix this. > > Any advice, hints, fixes much appriciated! > > Ashby Gochenour > Unix Administration > NTELOS > NOC > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AC15FE5.8D2E834C>