From owner-freebsd-hackers@FreeBSD.ORG Wed Aug 20 23:22:34 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7A582B6D for ; Wed, 20 Aug 2014 23:22:34 +0000 (UTC) Received: from mho-02-ewr.mailhop.org (mho-02-ewr.mailhop.org [204.13.248.72]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4E76F32F1 for ; Wed, 20 Aug 2014 23:22:34 +0000 (UTC) Received: from [73.34.117.227] (helo=ilsoft.org) by mho-02-ewr.mailhop.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1XKFD6-000DkQ-Lw; Wed, 20 Aug 2014 23:22:32 +0000 Received: from [172.22.42.240] (revolution.hippie.lan [172.22.42.240]) by ilsoft.org (8.14.9/8.14.9) with ESMTP id s7KNMVWI054538; Wed, 20 Aug 2014 17:22:31 -0600 (MDT) (envelope-from ian@FreeBSD.org) X-Mail-Handler: Dyn Standard SMTP by Dyn X-Originating-IP: 73.34.117.227 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/sendlabs/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX190SLZBjPXFYFVoxQah9dFB X-Authentication-Warning: paranoia.hippie.lan: Host revolution.hippie.lan [172.22.42.240] claimed to be [172.22.42.240] Subject: Re: syslog receiving data by UDP from windows with nxlog From: Ian Lepore To: Wojciech Puchar In-Reply-To: References: Content-Type: text/plain; charset="us-ascii" Date: Wed, 20 Aug 2014 17:22:30 -0600 Message-ID: <1408576950.1150.16.camel@revolution.hippie.lan> Mime-Version: 1.0 X-Mailer: Evolution 2.32.1 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2014 23:22:34 -0000 On Thu, 2014-08-21 at 01:08 +0200, Wojciech Puchar wrote: > i configured nxlog on windows machine to send logs to FreeBSD. > > checked with tcpdump windows actually send logs like this: > > 2014-08-21 00:50:17 winserver1 INFO 7036 Usluga nxlog weszla w stan uruchomienia. > > this way: > > 00:50:27.995832 IP 10.100.100.241.54774 > 10.100.100.1.514: [|syslog] > > syslogd is run this way > /usr/sbin/syslogd -vn -b 10.100.100.1 -a 10.0.0.0/8 > > and syslog.conf is like this > > > +* > *.* -/var/log/messages > > > nothing is logged. > > to test things - i configured syslog from other FreeBSD computer to send > logs to 10.100.100.1 - works fine. > > > what is wrong? > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" In /etc/defaults/rc.conf is 'syslogd_flags="-s"' which prevents connections from other machines (so that your syslogd doesn't become a remote disk-filling service). The syslogd(8) manpage will show you what you need to set instead to allow packets from that other machine. -- Ian