Date: Thu, 30 Apr 2015 09:24:02 -0453 From: "William A. Mahaffey III" <wam@hiwaay.net> To: freebsd-questions@freebsd.org Subject: Re: minor syslog issue Message-ID: <5542398B.4000405@hiwaay.net> In-Reply-To: <5542348D.8000109@infracaninophile.co.uk> References: <55422366.8060000@hiwaay.net> <554229CE.30009@infracaninophile.co.uk> <55422E43.8090206@hiwaay.net> <5542348D.8000109@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04/30/15 09:02, Matthew Seaman wrote:
> On 04/30/15 14:28, William A. Mahaffey III wrote:
>> 08:23:28.496828 IP RPiB+.59735 > kabini1.local.syslog: SYSLOG
>> syslog.error, length: 59
>> 08:23:28.497229 IP RPiB+.59735 > kabini1.local.syslog: SYSLOG
>> syslog.error, length: 59
> This is the only relevant bit out of your tcpdump output -- it usually
> helps if you filter out as much of the irrelevant stuff that you can[*].
>
> Anyhow, as you can see, your RPiB+ is logging *from* an arbitrary
> high-numbered port. This time it happens to be using 59735 but that
> would probably change with each restart of syslogd. Basically use the
> '-a 192.168.0.0/16:*' form in this case.
>
> Cheers,
>
> Matthew
>
> [*] ie. 'tcpdump port syslog' should work as the packets are being sent
> to the syslog port on your server.
>
I missed that (high port #, thought it might be a process #, *new* to
tcpdump et al :-/ ) .... Could that be a mal/mis-configuration in the
(rather beta) NetBSD ARM port ? I will try the updated syslogd flag &
see how that goes. Thanks :-).
--
William A. Mahaffey III
----------------------------------------------------------------------
"The M1 Garand is without doubt the finest implement of war
ever devised by man."
-- Gen. George S. Patton Jr.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5542398B.4000405>