From owner-freebsd-questions  Tue Jan 29 14: 1: 1 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from hawk.prod.itd.earthlink.net (hawk.mail.pas.earthlink.net [207.217.120.22])
	by hub.freebsd.org (Postfix) with ESMTP id BB0FA37B405
	for <questions@freebsd.org>; Tue, 29 Jan 2002 14:00:57 -0800 (PST)
Received: from dialup-209.245.134.159.dial1.sanjose1.level3.net ([209.245.134.159] helo=blossom.cjclark.org)
	by hawk.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16VgJ8-0001zD-00; Tue, 29 Jan 2002 14:00:50 -0800
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.3) id g0TLxW779423;
	Tue, 29 Jan 2002 13:59:32 -0800 (PST)
	(envelope-from cjc)
Date: Tue, 29 Jan 2002 13:59:32 -0800
From: "Crist J. Clark" <cjc@FreeBSD.ORG>
To: Richard <richard@drtvtim.ro>
Cc: questions@FreeBSD.ORG
Subject: Re: Problems with syslog ???????
Message-ID: <20020129135932.D79208@blossom.cjclark.org>
References: <000501c1a8c4$5cf10400$aa40a8c0@drtvtim.ro>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <000501c1a8c4$5cf10400$aa40a8c0@drtvtim.ro>; from richard@drtvtim.ro on Tue, Jan 29, 2002 at 02:55:52PM +0200
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Tue, Jan 29, 2002 at 02:55:52PM +0200, Richard wrote:
> Hi there!
>  
> I'm running : FreeBSD 4.3 Stable
>  
> I'm using syslog (besides the usual) to log from my Routers (Allied +
> Cisco) the problem is that if I'm trying to limit the access to syslog
> (from unwanted incoming UDP datagrams) by using the -a (allowed peer)
> parameter (eg. -a 192.168.64.200/24:*) syslog is not logging the
> incoming UDP datagrams (UDP datagrams reach the server, verified with
> tcpdump), only if I run syslog simply (without -a parameter). 

There was a bug in syslogd.c I fixed between 4.3-RELEASE and
4.4-RELEASE that may account for this. If you use,

  -a 182.168.64.0/24:*

It should work fine (of course you've got to protect the '*' from the
shell too). You can also upgrade of course.

Due to the way the math was done, the source address of the datagram
could never match the filter if you didn't zero-out all of the host
bits in the address provided too the '-a' option.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message