From owner-freebsd-questions Thu Sep 21 16:36:55 2000 Delivered-To: freebsd-questions@freebsd.org Received: from ns1.jonelrienton.org (dsl-64-34-25-237.telocity.com [64.34.25.237]) by hub.freebsd.org (Postfix) with SMTP id 2D3BC37B423 for ; Thu, 21 Sep 2000 16:36:51 -0700 (PDT) Received: (qmail 88290 invoked from network); 21 Sep 2000 23:55:48 -0000 Received: from debian (10.29.22.23) by zeus with SMTP; 21 Sep 2000 23:55:48 -0000 Message-ID: <000d01c02426$6072b020$17161d0a@jonelrienton.org> From: "Jonel Rienton" To: , "Oscar Ricardo Silva" References: <4.3.2.7.2.20000921181334.00b12180@mail.utexas.edu> Subject: Re: Attempting to use syslogd with "-a" option Date: Thu, 21 Sep 2000 18:48:00 -0500 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG hi, i'm actually using hostnames instead of ip addr, but i'm sure the ip addr works as well, my receiving box runs syslogd like: syslogd -a homer.developers.local and my sending box has: *.* @marge.developers.local in /etc/syslog.conf hth. Jonel Rienton http://qmail.freebsduser.org sent by qmail-1.03 on a FreeBSD 4.1-STABLE ----- Original Message ----- From: "Oscar Ricardo Silva" To: Sent: Thursday, September 21, 2000 6:21 PM Subject: Attempting to use syslogd with "-a" option | I'm trying to enable logging from other hosts to my machine. The loghost | machine is running FreeBSD 4.1-STABLE, one of the test machines has FreeBSD | 4.1-STABLE and the other Red Hat Linux 6.2. When I start the syslogd | daemon with the "-a" switch | | syslod -a 1.2.3.4/24 -a 1.2.3.5/24 | | (I've also tried without the masklen, the "/24" with the same results) | | I see that syslog messages from the test machines are being rejected: | | validate: dgram from IP 1.2.3.4, port 514, name test1.foo.com; | rejected in rule 0 due to IP mismatch. | rejected in rule 1 due to IP mismatch. | cvthname(1.2.3.4) | validate: dgram from IP 1.2.3.5, port 514, name test2.foo.com; | rejected in rule 0 due to IP mismatch. | rejected in rule 1 due to IP mismatch. | | | The test machines have the line: | | *.* @1.2.3.10 | | where 1.2.3.10 is supposed to be my machine (and yes, those are tabs | between the *.* and the "@") | | I tried running tcpdump on loghost and saw that syslog messages were being | sent out and that they were coming into my machine: | | 17:48:00.325121 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 62 | 17:48:08.424073 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 69 | 17:48:08.424532 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 80 | 17:48:08.425285 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 91 | 17:48:21.796066 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 62 | 17:48:24.305533 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 71 | 17:48:24.306488 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 82 | 17:48:24.307487 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 93 | 17:49:36.977318 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 71 | 17:49:36.977713 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 70 | 17:49:42.116968 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 71 | 17:49:42.117367 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 70 | 17:49:47.662878 test1.foo.fom.syslog > loghost.foo.com.syslog: udp 58 | | | | I checked mailing list archives and all I found were other people having | problems running with the "-a" option but no responses. The Complete | FreeBSD didn't have much to say on remote logging. | | Any information would be appreciated. | | | | Oscar | | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-questions" in the body of the message | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message