Date: Wed, 28 Mar 2001 07:43:36 -0500 (EST) From: Ashby Gochenour <freebsd@intelos.net> To: scott <smnoldelinux@mediaone.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: syslogd and cisco Message-ID: <Pine.GSO.4.21.0103280739260.1757-100000@flanders.intelos.net> In-Reply-To: <3AC15FE5.8D2E834C@mediaone.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey Scott and BSDall, Thanks for the info. The firewall would not be blocking this as my firewall is sending the logs to the internal network it firewalls. Would there be any reason the FreeBSD machine is 'firewalling' the packets? I tried removing the :* from my syslogd_flags= and I am still not receiving the packets. I'd love to get this working today if anyone has any suggestions! Thanks, Ashby On Tue, 27 Mar 2001, scott wrote: > In my experiences, I've only used > syslogd_flags="-a 192.168.50.0/24" > which will catch all udp from the above specified subnet. Since tcpdump > saw everything, this means you are receiving the packets in promiscuous > mode. Change the syslogd_flags specification and check to see if your > firewall is not blocking them. > > - Scott > > Ashby Gochenour wrote: > > > > Hello Everyone, > > I am trying to receive logs from a cisco router on my local network. > > I have read all the mail archives and have not found an answer to my > > problem. I have /etc/defaults/rc.config set to these values: > > > > syslogd_enable="YES" > > syslogd_flags="-a 192.168.50.0/24:*" > > > > I have the following in my /etc/syslog.conf: > > > > local7.debug /var/log/router.log > > local7.* /var/log/router.all.log > > > > These entries were not receiving the logs, so I tried to catch everything > > coming to syslogd by: > > > > *.* /var/log/all.log > > > > This is logging kernel logs and the norm, but I still see no cisco logs in > > here. > > > > On the cisco router I have the following in the running config: > > > > logging 192.168.50.199 > > > > This is the FreeBSD 4.2 machine I want to log to. I did have an additional > > line in the config: > > > > logging trap debugging > > > > Which I took out as I was not sure this was needed or not. > > When I do a show log on the Cisco, I see that it is sending messages to my > > host, I am just not getting them. > > > > Trap logging: level informational, 43 message lines logged > > Logging to 192.168.50.199, 13 message lines logged > > > > I've tried to run tcpdump to see if the > > messages are getting there, but I'm not sure what to be looking for > > exactly. > > > > I have read numerous mail archives on people having similar problems, but > > have seen no answers that fix this. > > > > Any advice, hints, fixes much appriciated! > > > > Ashby Gochenour > > Unix Administration > > NTELOS > > NOC > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.21.0103280739260.1757-100000>