Date:      Fri, 28 Oct 2011 20:30:28 -0700
From:      Kevin Oberman <kob6558@gmail.com>
To:        Larry Rosenman <ler@lerctr.org>
Cc:        freebsd-current@freebsd.org
Subject:   Re: syslogd: Remote Logging busted?
Message-ID:  <CAN6yY1sKd_hZ3baTfcjUjBm-RmSuxUJQ2XOWT9HACwcXu%2B8xBg@mail.gmail.com>
In-Reply-To: <0dcf638e123d2161d0e9d3c77386a8e7.squirrel@webmail.lerctr.org>
References:  <0dcf638e123d2161d0e9d3c77386a8e7.squirrel@webmail.lerctr.org>

On Fri, Oct 28, 2011 at 7:22 PM, Larry Rosenman <ler@lerctr.org> wrote:
>
> I enabled remote logging for my home subnet, and syslogd doesn't seem(!) to
> be logging the messages.
>
> They ARE making it to the system.
>
> Can someone look at bin/162135 which has all the details, including
> tcpdump to show that the messages are making it to the system.

Just to be clear, you are running tcpdump on borg, right? The
statement "This is from my Cable Modem:" confuses me a bit.

Assuming tcpdump is on borg, it is making it past any firewall (pf or
ipfw, at least). What about /etc/hosts.allow? I don't recall if it
filters before or after pcap sees packets. I used to have a diagram
showing the sequence of processing this, but I can't seem to find it
now.

What does "netstat -af inet | grep syslog" show? Is syslogd actually listening?
-- 
R. Kevin Oberman, Network Engineer
E-mail: kob6558@gmail.com


