Date: Mon, 10 Mar 2003 07:58:00 -0600 (CST) From: Chuck Rock <carock@epctech.com> To: Dean Strik <dean@stack.nl> Cc: "Michael K. Smith" <mksmith@noanet.net>, freebsd-questions@freebsd.org Subject: Re: Syslog problem Message-ID: <20030310075547.L25882@kira.epconline.net> In-Reply-To: <20030309123709.GD34099@dragon.stack.nl> References: <20030308174700.C73817-100000@chimera.noanet.net> <20030308204019.S86872@kira.epconline.net> <20030309123709.GD34099@dragon.stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
OK, this does make some sense reading it a few more times. I did include the output of snort which clearly shows the packets coming from port 514 (syslog) which this also says is the default accept port from the source address. This should have worked anyway, shouldn't it? I appreciate the help from everyone. Thanks, Chuck On Sun, 9 Mar 2003, Dean Strik wrote: > Chuck Rock wrote: > > On Sat, 8 Mar 2003, Michael K. Smith wrote: > > > This might be your issue, because you haven't specified the service after > > > you subnet. Try the following: > > > > > > /usr/sbin/syslogd -a 207.206.185.1/27:* -a 209.83.132.1/27:* > > > > Accordifn to the man page, that just specifies what port to listen on. By > > default it's 514 syslog port. > > No, that's not what it says. I quote: > > ipaddr/masklen[:service] > [...] > If specified, _service_ is the name or number of an UDP service (see > services(5)) the source packet must belong to. > > In other words, it's the port the remote syslog is sending from, not the > port the local syslogd is listening on. > > -- > Dean C. Strik Eindhoven University of Technology > dean@stack.nl | dean@ipnet6.org | http://www.ipnet6.org/ > "This isn't right. This isn't even wrong." -- Wolfgang Pauli > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030310075547.L25882>