Date: Wed, 16 Oct 2002 18:06:58 +0100 (BST) From: Jess Kitchen <jk@burstfire.net> To: Freebsd <freebsd-isp@FreeBSD.ORG> Subject: Re: logging Message-ID: <20021016173823.S62516-100000@platinum.daweb.net> In-Reply-To: <3DAD496E.7A8EBB78@tcworks.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 16 Oct 2002, Chris Cook wrote: [snip] > syslogd -a "ip address" > > it will not log from localhosts... it WILL log from hosts on a different > subnet. any ideas? Hi Chris, Try this in rc.conf syslogd_enable="YES" syslogd_flags="-a 1.2.3.0/23:*" If you have rogue devices on your network that don't originate packets from port 514 you should use the wildcard option in this case. -b will set the bind address, which obviously will break @localhost logging though you wouldn't be doing that anyway. Additionally you can stack the -a option, "-a x.x.1.1 -a x.x.2.1" but I think as default it will accept from a whole /24 if you only specify an IP without a mask. In any case, -d will spew debug output to stdout(err?) so you can see if its being refused or just lost locally due to syslog.conf being broken. Cheers, J. -- Jess Kitchen <jk@burstfire.net> http://www.burstfire.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021016173823.S62516-100000>