From owner-freebsd-stable  Sun Mar 26 23: 5: 8 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from jason.argos.org (a1-3b058.neo.rr.com [24.93.181.58])
	by hub.freebsd.org (Postfix) with ESMTP id 50B8437B6B6
	for <stable@FreeBSD.ORG>; Sun, 26 Mar 2000 23:05:03 -0800 (PST)
	(envelope-from mike@argos.org)
Received: from localhost (mike@localhost)
	by jason.argos.org (8.9.1/8.9.1) with ESMTP id CAA15505;
	Mon, 27 Mar 2000 02:04:18 -0500
Date: Mon, 27 Mar 2000 02:04:18 -0500 (EST)
From: Mike Nowlin <mike@argos.org>
To: Doug White <dwhite@resnet.uoregon.edu>
Cc: Andreas Klemm <andreas@klemm.gtn.com>, stable@FreeBSD.ORG
Subject: Re: HEADS-UP please: syslogd problems in 4.0: rejected in rule 0
 due to port mismatch.
In-Reply-To: <Pine.BSF.4.21.0003261613370.67760-100000@resnet.uoregon.edu>
Message-ID: <Pine.LNX.4.05.10003270155310.15121-100000@jason.argos.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


> What port is the cisco sending the syslog updates from?  The default -a
> requires it to be sent *from* the syslogd port.  A tcpdump is probably in
> order.

Is this "the right way" to do it?  I'm just wondering why the requirement
that the messages come from the syslog port.  My Linux & DEC UNIX machines
don't require this, although they're not using any kind of allowed_peer
restrictions - just "remote logging enabled".  

BTW: My cisco 2610 & 1720 routers are successfully logging to a Linux box
using the following:

logging facility daemon
logging 208.132.36.130

...the log packets come over from 1025, 40282, whatever..  Seems random,
but (in my opinion), "The Right Way".  If a user-level program opens a
port to syslog, it shouldn't be required to use port 514 to log to a
remote host.    

(If this seems goofy, I've had a few tonight.....:) )

mike




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message