From owner-freebsd-questions Tue Jun 27 20:43:21 2000 Delivered-To: freebsd-questions@freebsd.org Received: from kestrel.prod.itd.earthlink.net (kestrel.prod.itd.earthlink.net [207.217.121.155]) by hub.freebsd.org (Postfix) with ESMTP id 5878E37C57D for ; Tue, 27 Jun 2000 20:43:17 -0700 (PDT) (envelope-from cjc@earthlink.net) Received: from dialin-client.earthlink.net (pool1367.cvx20-bradley.dialup.earthlink.net [209.179.255.92]) by kestrel.prod.itd.earthlink.net (8.9.3-EL_1_3/8.9.3) with ESMTP id UAA11995; Tue, 27 Jun 2000 20:43:14 -0700 (PDT) Received: (from cjc@localhost) by dialin-client.earthlink.net (8.9.3/8.9.3) id UAA00740; Tue, 27 Jun 2000 20:41:48 -0700 (PDT) Date: Tue, 27 Jun 2000 20:41:46 -0700 From: "Crist J. Clark" To: mmckinn5@csc.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: syslog.conf Message-ID: <20000627204146.D424@dialin-client.earthlink.net> Reply-To: cjclark@alum.mit.edu References: <8525690B.00765597.00@csc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <8525690B.00765597.00@csc.com>; from mmckinn5@csc.com on Tue, Jun 27, 2000 at 02:29:38PM -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Jun 27, 2000 at 02:29:38PM -0700, mmckinn5@csc.com wrote: > I am configuring FreeBSD 3.2 syslog.conf to receive messages from a Cisco > router. > > In the /etc/syslog.conf I am entering the following 2 lines: > > local7.debug /var/log/cisco.out > local7.notice /var/log/cisco.out > > I use tabs and do not use spaces as separators. Either should work with FreeBSD's syslog (I think that was there for 3.2), but tabs are back-compatible. > The file /var/log/cisco.out has permissions of 777. Eep! The security side of me doesn't like that at all. And why do any of 111 need to be set? > The command: > > kill -HUP 139 > > reads in changes made in /etc/syslog.conf. I have even killed syslogd and > restarted it by hand. Have you tried running it with the '-d' flag. Be ready for serious spam, but you can really catch some errors with it. > On the Cisco router, I have turned on logging with the following commands > > logging on > logging trap debug > logging > > A show log command on the router indicates messages are sent to the FreeBSD > host, but no messages are logged in the file /var/log/cisco.out. > > I have done this simple operation on Solaris 2.6 without any problems. If you turn on tcpdump, are syslog packets definately hitting the FreeBSD box? > Can anyone help me with making this work? Are you running syslogd with any flags? Now, by default, syslogd is run with the '-s' flag which would drop stuff from other machines. Not sure what was the default in 3.2. (Skip lecture about updating to 3.x-STABLE.) -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message