Date:      Tue, 29 Jan 2002 13:59:32 -0800
From:      "Crist J. Clark" <cjc@FreeBSD.ORG>
To:        Richard <richard@drtvtim.ro>
Cc:        questions@FreeBSD.ORG
Subject:   Re: Problems with syslog ???????
Message-ID:  <20020129135932.D79208@blossom.cjclark.org>
In-Reply-To: <000501c1a8c4$5cf10400$aa40a8c0@drtvtim.ro>; from richard@drtvtim.ro on Tue, Jan 29, 2002 at 02:55:52PM +0200
References:  <000501c1a8c4$5cf10400$aa40a8c0@drtvtim.ro>

On Tue, Jan 29, 2002 at 02:55:52PM +0200, Richard wrote:
> Hi there!
>  
> I'm running : FreeBSD 4.3 Stable
>  
> I'm using syslog (besides the usual) to log from my Routers (Allied +
> Cisco) the problem is that if I'm trying to limit the access to syslog
> (from unwanted incoming UDP datagrams) by using the -a (allowed peer)
> parameter (eg. -a 192.168.64.200/24:*) syslog is not logging the
> incoming UDP datagrams (UDP datagrams reach the server, verified with
> tcpdump), only if I run syslog simply (without -a parameter). 

There was a bug in syslogd.c I fixed between 4.3-RELEASE and
4.4-RELEASE that may account for this. If you use,

  -a 182.168.64.0/24:*

it should work fine (of course you've got to protect the '*' from the
shell too). You can also upgrade of course.

Due to the way the math was done, the source address of the datagram
could never match the filter if you didn't zero-out all of the host
bits in the address provided to the '-a' option.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
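
The failure mode described above, as an added example that is not part of the original message and is not the syslogd.c source: it assumes the comparison masked only the datagram's source address, and contrasts that with masking both sides. The struct, the function names and the router address 192.168.64.1 are hypothetical.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical allowed-peer rule; not syslogd's own data structure. */
struct peer_rule {
    uint32_t addr;  /* address exactly as given to -a, host byte order */
    uint32_t mask;  /* netmask built from the prefix length */
};

/* Dotted quad to host-order integer; returns 0 on a malformed string. */
static uint32_t ip(const char *s)
{
    struct in_addr a;
    return inet_pton(AF_INET, s, &a) == 1 ? ntohl(a.s_addr) : 0;
}

/* Parse the "addr/len" part of a rule (the ":port" suffix is ignored here). */
static int parse_rule(const char *spec, struct peer_rule *r)
{
    char host[16];
    unsigned len;

    if (sscanf(spec, "%15[^/]/%u", host, &len) != 2 || len > 32)
        return -1;
    r->addr = ip(host);
    r->mask = len ? 0xffffffffu << (32 - len) : 0;
    return 0;
}

/* Failure mode: only the source is masked, so any host bits left in
 * r->addr make the two sides differ for every possible source. */
static int match_unmasked(const struct peer_rule *r, uint32_t src)
{
    return (src & r->mask) == r->addr;
}

/* Robust form: mask both sides, so host bits in the rule are harmless. */
static int match_masked(const struct peer_rule *r, uint32_t src)
{
    return (src & r->mask) == (r->addr & r->mask);
}

int main(void)
{
    struct peer_rule r;
    uint32_t src = ip("192.168.64.1");  /* constructed router address */

    parse_rule("192.168.64.200/24", &r);
    printf("unmasked=%d masked=%d\n", match_unmasked(&r, src), match_masked(&r, src));
    return 0;
}
```

With a rule whose host bits are already zero, both comparisons agree, which is why rewriting the rule as a network address works on an unpatched system.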
