From owner-freebsd-hackers@FreeBSD.ORG  Wed Aug 20 23:09:33 2014
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 68F696BB
 for <freebsd-hackers@freebsd.org>; Wed, 20 Aug 2014 23:09:33 +0000 (UTC)
Received: from wojtek.tensor.gdynia.pl (wojtek.tensor.gdynia.pl
 [188.252.31.196])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id DCC033125
 for <freebsd-hackers@freebsd.org>; Wed, 20 Aug 2014 23:09:32 +0000 (UTC)
Received: from wojtek.tensor.gdynia.pl (localhost [127.0.0.1])
 by wojtek.tensor.gdynia.pl (8.14.7/8.14.7) with ESMTP id s7KN8qIO071687
 for <freebsd-hackers@freebsd.org>; Thu, 21 Aug 2014 01:08:52 +0200 (CEST)
 (envelope-from wojtek@wojtek.tensor.gdynia.pl)
Received: from localhost (wojtek@localhost)
 by wojtek.tensor.gdynia.pl (8.14.7/8.14.7/Submit) with ESMTP id s7KN8qBb071684
 for <freebsd-hackers@freebsd.org>; Thu, 21 Aug 2014 01:08:52 +0200 (CEST)
 (envelope-from wojtek@wojtek.tensor.gdynia.pl)
Date: Thu, 21 Aug 2014 01:08:52 +0200 (CEST)
From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
To: freebsd-hackers@freebsd.org
Subject: syslog receiving data by UDP from windows with nxlog
Message-ID: <alpine.BSF.2.00.1408210100110.71532@wojtek.tensor.gdynia.pl>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.4.3
 (wojtek.tensor.gdynia.pl [127.0.0.1]); Thu, 21 Aug 2014 01:08:52 +0200 (CEST)
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Aug 2014 23:09:33 -0000

i configured nxlog on windows machine to send logs to FreeBSD.

checked with tcpdump windows actually send logs like this:

2014-08-21 00:50:17 winserver1 INFO 7036 Usluga nxlog weszla w stan uruchomienia.

this way:

00:50:27.995832 IP 10.100.100.241.54774 > 10.100.100.1.514: [|syslog]

syslogd is run this way
/usr/sbin/syslogd -vn -b 10.100.100.1 -a 10.0.0.0/8

and syslog.conf is like this


+*
*.*				-/var/log/messages


nothing is logged.

to test things - i configured syslog from other FreeBSD computer to send 
logs to 10.100.100.1 - works fine.


what is wrong?