From owner-freebsd-questions  Mon Nov 26 18:29:17 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from ns1.austclear.com.au (ns1.austclear.com.au [192.43.185.68])
	by hub.freebsd.org (Postfix) with ESMTP id 8B22B37B417
	for <freebsd-questions@FreeBSD.ORG>; Mon, 26 Nov 2001 18:29:11 -0800 (PST)
Received: from tungsten.austclear.com.au (tungsten.austclear.com.au [192.168.166.65])
	by ns1.austclear.com.au (8.11.2/8.11.3) with ESMTP id fAR2TAY84825;
	Tue, 27 Nov 2001 13:29:10 +1100 (EST)
	(envelope-from ahl@austclear.com.au)
Received: from tungsten (tungsten [192.168.166.65])
        by tungsten.austclear.com.au (8.9.3/8.9.3) with ESMTP id NAA19877;
        Tue, 27 Nov 2001 13:29:09 +1100 (EST)
Message-Id: <200111270229.NAA19877@tungsten.austclear.com.au>
To: "Anthony Atkielski" <anthony@freebie.atkielski.com>
Cc: "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject: Re: Accepting syslog messages from a router 
In-Reply-To: Your message of "Mon, 26 Nov 2001 12:27:31 BST."
             <007e01c1766d$57595670$0a00000a@atkielski.com> 
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <19874.1006828149.1@tungsten>
Date: Tue, 27 Nov 2001 13:29:09 +1100
From: Tony Landells <ahl@austclear.com.au>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> The default was "-s", which I changed in rc.conf to "-a 10.0.0.0/24:*";
> if I understood correctly, this would tell syslogd to accept any remote
> messages coming from my own subnet (the router is at 10.0.0.30).  But
> nothing was accepted with that.  I finally tried running syslogd with
> _no_ options, and now the messages are being accepted.

> I'd still like to know why the -a option doesn't seem to work.  I don't
> like leaving syslogd open to every machine on the network (even though
> nothing actually gets past the firewall).

The point of my suggestion was to determine whether the problem was your
command line or your configuration file.  Now that we know it's the command
line, we can focus our debugging.

Did you do a "ps" listing while you were having problems to check that
the running syslogd had the command line you expected?  Use something
like "ps wwax" or "ps wwaxl", with your "-a ..." option set in rc.conf
and see what the syslogd command looks like.

If it looks fine, you may want to use the "-d" argument as well (running
the command by hand) and shoot a couple of syslog messages from somewhere
else that match your address restriction, and see what syslogd says it's
doing with it.

I haven't used the "-a" argument myself, so I can't tell you whether it
looks right or wrong.

Tony

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message