From owner-freebsd-config Wed May 16 10:58:42 2001 Delivered-To: freebsd-config@freebsd.org Received: from kristen.shadowdale.net (omah6400gw2poolA102.omah.uswest.net [63.227.156.102]) by hub.freebsd.org (Postfix) with ESMTP id 3D8B637B422; Wed, 16 May 2001 10:58:37 -0700 (PDT) (envelope-from hey9811@yahoo.com) Received: from localhost (hey9811@localhost) by kristen.shadowdale.net (8.9.3/8.9.3) with ESMTP id MAA01862; Wed, 16 May 2001 12:57:53 -0500 (CDT) (envelope-from hey9811@yahoo.com) X-Authentication-Warning: kristen.shadowdale.net: hey9811 owned process doing -bs Date: Wed, 16 May 2001 12:57:53 -0500 (CDT) From: Virtual Bob To: FreeBSD QUESTIONS general discussion , FreeBSD Install & Config discussion Subject: tricky syslogd Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-config@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm having difficulty tring to get syslog info from Cisco 675 ADSL modem to loghost 192.168.1.3 (3.5-stable). I checked the loghost to see if packet's arriving at all: tcpdump -i fxp2 host 10.0.0.1 and after I cycled the power to Cisco 675 I get these on dump: 03:33:03.706985 10.0.0.1.514 > 192.168.1.3.514: udp 103 (DF) 03:33:03.707034 10.0.0.1.514 > 192.168.1.3.514: udp 123 (DF) 03:33:03.707065 10.0.0.1.514 > 192.168.1.3.514: udp 62 (DF) 03:33:03.732296 10.0.0.1.514 > 192.168.1.3.514: udp 58 (DF) 03:33:03.799392 10.0.0.1.514 > 192.168.1.3.514: udp 81 (DF) 03:33:04.084737 10.0.0.1.514 > 192.168.1.3.514: udp 68 (DF) so it's reaching the loghost. Doing ps -ax yields this about syslogd at the loghost: 1789 ?? Ss 0:00.01 syslogd -a 192.168.0.0 -a 10.0.0.1 -v -v I added temporary log config in syslog.conf to catch everything (*.*) in case my own ruleset is dropping messages. I checked that catch-all log file over and over during my experiment, but there aren't any messages logged that pertains to Cisco. And it's the same when I cycle the power through Cisco. Absolutely nothing is logged about it. (All regular activities are logged.) I'm scratching my head on this. Did I forget anything else? Has anyone gotten Cisco 675 syslog client to work with FreeBSD syslogd? ------------- clip here with virtual scissors -------------- ************************************************************ Keyboard stuck error. Press F1 to continue. Any unsolicited e-mails will be charged US$500 per e-mail, plus court cost. Your contribution to Bill Gates' personal wealth: US$359.17 ************************************************************ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-config" in the body of the message From owner-freebsd-config Wed May 16 11: 4:48 2001 Delivered-To: freebsd-config@freebsd.org Received: from ns-exch05.jccc.net (ns-exch05.jccc.net [198.248.56.5]) by hub.freebsd.org (Postfix) with ESMTP id 4508537B424; Wed, 16 May 2001 11:04:36 -0700 (PDT) (envelope-from ndunker@jccc.net) Received: by ns-exch05 with Internet Mail Service (5.5.2653.19) id ; Wed, 16 May 2001 13:00:59 -0500 Message-ID: From: Noah Dunker To: 'Virtual Bob' , FreeBSD QUESTIONS general discussion , FreeBSD Install & Config discussion Subject: RE: tricky syslogd Date: Wed, 16 May 2001 13:00:51 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-config@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG is the syslogd being launched with the -r flag on the cenralized syslog host? if you just run syslog, it doesn't open a listener port. you have to run "syslogd -r" if you want it to accept remote syslog messages. Noah Dunker Systems Analyst/Technician Johnson County Community College -----Original Message----- From: Virtual Bob [mailto:hey9811@yahoo.com] Sent: Wednesday, May 16, 2001 12:58 PM To: FreeBSD QUESTIONS general discussion; FreeBSD Install & Config discussion Subject: tricky syslogd I'm having difficulty tring to get syslog info from Cisco 675 ADSL modem to loghost 192.168.1.3 (3.5-stable). I checked the loghost to see if packet's arriving at all: tcpdump -i fxp2 host 10.0.0.1 and after I cycled the power to Cisco 675 I get these on dump: 03:33:03.706985 10.0.0.1.514 > 192.168.1.3.514: udp 103 (DF) 03:33:03.707034 10.0.0.1.514 > 192.168.1.3.514: udp 123 (DF) 03:33:03.707065 10.0.0.1.514 > 192.168.1.3.514: udp 62 (DF) 03:33:03.732296 10.0.0.1.514 > 192.168.1.3.514: udp 58 (DF) 03:33:03.799392 10.0.0.1.514 > 192.168.1.3.514: udp 81 (DF) 03:33:04.084737 10.0.0.1.514 > 192.168.1.3.514: udp 68 (DF) so it's reaching the loghost. Doing ps -ax yields this about syslogd at the loghost: 1789 ?? Ss 0:00.01 syslogd -a 192.168.0.0 -a 10.0.0.1 -v -v I added temporary log config in syslog.conf to catch everything (*.*) in case my own ruleset is dropping messages. I checked that catch-all log file over and over during my experiment, but there aren't any messages logged that pertains to Cisco. And it's the same when I cycle the power through Cisco. Absolutely nothing is logged about it. (All regular activities are logged.) I'm scratching my head on this. Did I forget anything else? Has anyone gotten Cisco 675 syslog client to work with FreeBSD syslogd? ------------- clip here with virtual scissors -------------- ************************************************************ Keyboard stuck error. Press F1 to continue. Any unsolicited e-mails will be charged US$500 per e-mail, plus court cost. Your contribution to Bill Gates' personal wealth: US$359.17 ************************************************************ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-config" in the body of the message From owner-freebsd-config Wed May 16 15: 1:30 2001 Delivered-To: freebsd-config@freebsd.org Received: from kristen.shadowdale.net (omah6400gw2poolA102.omah.uswest.net [63.227.156.102]) by hub.freebsd.org (Postfix) with ESMTP id 4AF5337B422; Wed, 16 May 2001 15:01:25 -0700 (PDT) (envelope-from hey9811@yahoo.com) Received: from localhost (hey9811@localhost) by kristen.shadowdale.net (8.9.3/8.9.3) with ESMTP id RAA02461; Wed, 16 May 2001 17:00:28 -0500 (CDT) (envelope-from hey9811@yahoo.com) X-Authentication-Warning: kristen.shadowdale.net: hey9811 owned process doing -bs Date: Wed, 16 May 2001 17:00:28 -0500 (CDT) From: Virtual Bob To: Noah Dunker Cc: FreeBSD QUESTIONS general discussion , FreeBSD Install & Config discussion Subject: RE: tricky syslogd In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-config@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > is the syslogd being launched with the > -r flag on the cenralized syslog host? > > if you just run syslog, it doesn't open > a listener port. you have to run "syslogd -r" > if you want it to accept remote syslog > messages. I did wondering what that is since it was referenced in Cisco's manual, but I didn't find such in man syslogd on 3.5S or 4.3S. I eventually found it's availble on several version of Unix (and LInux). Anyway, on both 3.5S and 4.3S, running syslogd -r just gives "illegal option". I think on FreeBSD version of syslogd, "-r" is replaced by "-a"? ------------- clip here with virtual scissors -------------- ************************************************************ Keyboard stuck error. Press F1 to continue. Any unsolicited e-mails will be charged US$500 per e-mail, plus court cost. Your contribution to Bill Gates' personal wealth: US$359.17 ************************************************************ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-config" in the body of the message