From owner-freebsd-questions Wed May 16 11: 4:48 2001 Delivered-To: freebsd-questions@freebsd.org Received: from ns-exch05.jccc.net (ns-exch05.jccc.net [198.248.56.5]) by hub.freebsd.org (Postfix) with ESMTP id 4508537B424; Wed, 16 May 2001 11:04:36 -0700 (PDT) (envelope-from ndunker@jccc.net) Received: by ns-exch05 with Internet Mail Service (5.5.2653.19) id ; Wed, 16 May 2001 13:00:59 -0500 Message-ID: From: Noah Dunker To: 'Virtual Bob' , FreeBSD QUESTIONS general discussion , FreeBSD Install & Config discussion Subject: RE: tricky syslogd Date: Wed, 16 May 2001 13:00:51 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG is the syslogd being launched with the -r flag on the cenralized syslog host? if you just run syslog, it doesn't open a listener port. you have to run "syslogd -r" if you want it to accept remote syslog messages. Noah Dunker Systems Analyst/Technician Johnson County Community College -----Original Message----- From: Virtual Bob [mailto:hey9811@yahoo.com] Sent: Wednesday, May 16, 2001 12:58 PM To: FreeBSD QUESTIONS general discussion; FreeBSD Install & Config discussion Subject: tricky syslogd I'm having difficulty tring to get syslog info from Cisco 675 ADSL modem to loghost 192.168.1.3 (3.5-stable). I checked the loghost to see if packet's arriving at all: tcpdump -i fxp2 host 10.0.0.1 and after I cycled the power to Cisco 675 I get these on dump: 03:33:03.706985 10.0.0.1.514 > 192.168.1.3.514: udp 103 (DF) 03:33:03.707034 10.0.0.1.514 > 192.168.1.3.514: udp 123 (DF) 03:33:03.707065 10.0.0.1.514 > 192.168.1.3.514: udp 62 (DF) 03:33:03.732296 10.0.0.1.514 > 192.168.1.3.514: udp 58 (DF) 03:33:03.799392 10.0.0.1.514 > 192.168.1.3.514: udp 81 (DF) 03:33:04.084737 10.0.0.1.514 > 192.168.1.3.514: udp 68 (DF) so it's reaching the loghost. Doing ps -ax yields this about syslogd at the loghost: 1789 ?? Ss 0:00.01 syslogd -a 192.168.0.0 -a 10.0.0.1 -v -v I added temporary log config in syslog.conf to catch everything (*.*) in case my own ruleset is dropping messages. I checked that catch-all log file over and over during my experiment, but there aren't any messages logged that pertains to Cisco. And it's the same when I cycle the power through Cisco. Absolutely nothing is logged about it. (All regular activities are logged.) I'm scratching my head on this. Did I forget anything else? Has anyone gotten Cisco 675 syslog client to work with FreeBSD syslogd? ------------- clip here with virtual scissors -------------- ************************************************************ Keyboard stuck error. Press F1 to continue. Any unsolicited e-mails will be charged US$500 per e-mail, plus court cost. Your contribution to Bill Gates' personal wealth: US$359.17 ************************************************************ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message