Date: Sat, 8 Mar 2003 13:24:27 -0600 From: "Chuck Rock" <carock@epctech.com> To: <freebsd-questions@freebsd.org> Subject: Syslog problem Message-ID: <JDEAIDLKPMMILNJHADGCMEAGKHAA.carock@epctech.com>
next in thread | raw e-mail | index | archive | help
For the last few versions of FreeBSD, I have not been able to get my syslog to log my dial-up pool from my Cisco router. I changed the syslog startup flags in rc.conf. I'm running it now as /usr/sbin/syslogd -a 207.206.185.1/27 -a 209.83.132.1/27 The router is at .1 and configured to send it's logging messages to local7 syslog.conf is configured like this. *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages security.* /var/log/security auth.info;authpriv.info /var/log/auth.log mail.info /var/log/maillog lpr.info /var/log/lpd-errs cron.* /var/log/cron local0.* /var/log/local-0 local1.* /var/log/local-1 local2.* /var/log/local-2 local3.* /var/log/local-3 local4.* /var/log/local-4 local5.* /var/log/local-5 local6.* /var/log/local-6 local7.* /var/log/cisco etc... None of the syslg files for local facilities gets data. -rw-rw-r-- 1 root wheel 0 Mar 8 11:45 local-0 -rw-rw-r-- 1 root wheel 0 Mar 8 11:45 local-1 -rw-rw-r-- 1 root wheel 0 Mar 8 11:45 local-2 -rw-rw-r-- 1 root wheel 0 Mar 8 11:43 local-3 -rw-rw-r-- 1 root wheel 0 Mar 8 11:43 local-4 -rw-rw-r-- 1 root wheel 0 Mar 8 11:43 local-5 -rw-rw-r-- 1 root wheel 0 Mar 8 11:45 local-6 -rw-rw-r-- 1 root wheel 0 Mar 8 11:35 cisco Yet I do see data coming into this machine on the syslog port using tcpdump. tcpdump -w dumpfile1 -vvv port 514 kira(403):[/var/log]-#tcpdump -r dumpfile1 12:23:05.378296 gw.54139 > kira.epconline.net.syslog: udp 103 12:23:05.378540 gw.54139 > kira.epconline.net.syslog: udp 125 12:23:23.597642 gw.54139 > kira.epconline.net.syslog: udp 101 12:23:24.629645 gw.54139 > kira.epconline.net.syslog: udp 123 12:23:38.321355 gw.54139 > kira.epconline.net.syslog: udp 101 12:23:39.349425 gw.54139 > kira.epconline.net.syslog: udp 123 12:23:43.137243 gw.54139 > kira.epconline.net.syslog: udp 125 12:24:06.577077 gw.54139 > kira.epconline.net.syslog: udp 103 12:24:06.577266 gw.54139 > kira.epconline.net.syslog: udp 125 Cisco config... ! logging 207.206.185.2 gw(config)#logging facility local7 I did notice though while I was messing around with this stuff, this was logged on one of my ssh sessions... kira(416):[/etc]-#Mar 8 12:48:39.517 radiusd[6916] /usr/local/sbin/radiusd:users testing and DEFAULT not found Mar 8 12:48:39.519 radiusd[6916] Authenticate: gw1645, id=54: Neither User Nor Default Name: testing This is the logging information from the router which should be going to a file in /var/log I grep'd for radiusd from /var/log/* and go no results. Does anyone have any ideas? Any suggestions? I really need to get my Cisco logging working. Thanks, Chuck Rock Internet Services Manager EPC, Inc. http://www.epcusa.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?JDEAIDLKPMMILNJHADGCMEAGKHAA.carock>