From: Wojciech Puchar
To: Ian Lepore
Cc: freebsd-hackers@freebsd.org
Date: Thu, 21 Aug 2014 09:12:32 +0200 (CEST)
Subject: Re: syslog receiving data by UDP from windows with nxlog

what is the difference when logging this

<38>Aug 21 09:09:09 login: login from 10.100.101.110 on pts/0 as root

which is properly logged over UDP (from other unix host) and this

<14>Aug 21 01:43:44 winserver1 Microsoft-Windows-GroupPolicy[936]: Okresowe przetwarzanie zasad dla u##ytkownika winserver1\ostrowska zosta#<82>o uko#<84>czone w czasie 0 s.

which is not?

what syslog is refusing and why? is there any syslog option to check it why?

On Thu, 21 Aug 2014, Wojciech Puchar wrote:

>>> +*
>>> *.* -/var/log/messages
>>>
>>> nothing is logged.
>>>
>>> to test things - i configured syslog from other FreeBSD computer to send
>>> logs to 10.100.100.1 - works fine.
>>>
>>> what is wrong?
>>
>> In /etc/defaults/rc.conf is 'syslogd_flags="-s"' which prevents
>> connections from other machines (so that your syslogd doesn't become a
>> remote disk-filling service). The syslogd(8) manpage will show you what
>> you need to set instead to allow packets from that other machine.
>
> this is already done
>
> syslogd_enable="YES" # Run syslog daemon (or NO).
> syslogd_flags="-vn -b 10.100.100.1 -a 10.0.0.0/8" # Flags to syslogd (if enabled).