From owner-freebsd-questions@FreeBSD.ORG Tue Nov 29 00:08:25 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C862A1065690 for ; Tue, 29 Nov 2011 00:08:25 +0000 (UTC) (envelope-from kayasaman@gmail.com) Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com [209.85.215.182]) by mx1.freebsd.org (Postfix) with ESMTP id 467FB8FC1A for ; Tue, 29 Nov 2011 00:08:24 +0000 (UTC) Received: by eaai12 with SMTP id i12so3567243eaa.13 for ; Mon, 28 Nov 2011 16:08:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=8OCUGX3v0q8vL+eH8nAtEoPVM+kDZHI9jk4IUJfJsJo=; b=JU5gdbkUDFdilXtiAq1c+ImfQeKnZ+G2QOUdeb+NVrfuWGM9fxckUTQZKHTfYguFKP PYoxuX/+OcA2bTTGjBx4lByuspuuInN+2UY2+6tzXrQcdq/yChWzANMJw8AkDZTI4fnW 7JRg9YAtiUInFxccNHeC/LiLWyNeh2NNmpKIY= Received: by 10.227.209.85 with SMTP id gf21mr1114094wbb.5.1322525304161; Mon, 28 Nov 2011 16:08:24 -0800 (PST) Received: from Hp2230s.localhost (81-178-2-118.dsl.pipex.com. [81.178.2.118]) by mx.google.com with ESMTPS id ff1sm17919018wbb.5.2011.11.28.16.08.21 (version=SSLv3 cipher=OTHER); Mon, 28 Nov 2011 16:08:22 -0800 (PST) Message-ID: <4ED42273.7090509@gmail.com> Date: Tue, 29 Nov 2011 02:08:19 +0200 From: Kaya Saman User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0) Gecko/20110927 Thunderbird/7.0 MIME-Version: 1.0 To: Jon Radel References: <4ED38578.1000501@gmail.com> <4ED3CE66.4020903@gmail.com> <4ED3D9BF.701@my.gd> <4ED41C5F.3030906@gmail.com> <4ED41E53.6000403@radel.com> In-Reply-To: <4ED41E53.6000403@radel.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Alternative to syslogd that actually writes external logs to files? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Nov 2011 00:08:25 -0000 On 11/29/2011 01:50 AM, Jon Radel wrote: > > On 11/28/11 6:42 PM, Kaya Saman wrote: > >> >> However, when using tcpdump it shows that rsyslog is infact receiving >> information but still unfortunately not logging to file??? >> >> >> # tcpdump -tlnvv -i em0 port 514 >> tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96 >> bytes >> IP (tos 0x0, ttl 255, id 1875, offset 0, flags [none], proto UDP (17), >> length 142) >> 192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 114 >> Facility local7 (23), Severity notice (5) >> Msg: 11578: 011565: Nov 28 23:34:19.475: %SYS-5-CONFIG[|syslog] >> >> >> >> File permissions are correct as I got rsyslog to create the file from >> scratch....... >> >> What am I missing here? > > Have you tried with all firewalling on the machine turned off? > > [My apologies if this has been covered earlier in the thread and I > missed it.] > > --Jon Radel > jon@radel.com Yep! I don't actually run any rules on the firewall even though PF is enabled. it's just meant for fail2ban though. However, disabled PF but still not working :-(