Date:      Sat, 12 Jan 2008 15:50:45 -0600
From:      Jeffrey Goldberg <jeffrey@goldmark.org>
To:        Andy Greenwood <greenwood.andy@gmail.com>
Cc:        User questions <freebsd-questions@freebsd.org>
Subject:   Re: syslogd not reading messages from a remote machine
Message-ID:  <53AFE19A-173F-43AC-BF68-972FFD12029E@goldmark.org>
In-Reply-To: <47879080.6040208@gmail.com>
References:  <47879080.6040208@gmail.com>

On Jan 11, 2008, at 9:51 AM, Andy Greenwood wrote:

> I have recently set up a Fortigate-60 to run as a firewall/vpn on my  
> home network. I have a FreeBSD 7.0-prerelease machine sitting behind  
> it in the DMZ which is running ssh/web/etc. I'm trying to get the FG  
> to log to the BSD box's syslog. I have set up the necessary stuff on  
> the FG, and can send test logs from there to the bsd box. Running  
> tcpdump on the bsd [...]

> So I know that the packets are getting to the machine. I've set up  
> syslogd to accept packets from 10.10.10.1/32 in rc.conf, and  
> confirmed that the FG's IP should be accepted [...]


> I've restarted syslogd after every change I've made, but no dice.  
> Can anyone shed some light on why these messages aren't logging and  
> what I need to do to fix it?

I'm sure that there is a simple answer for getting syslogd to work  
properly.  But after similar experiences to yours (on other systems),  
I now use syslog-ng (in ports) for any system that is going to be a  
remote syslog server.

With syslog-ng, I can easily have my logs organized by originating  
host and day.

I know this doesn't answer your syslogd question, but it might provide  
a useful solution for you.

Cheers,

-j



