From owner-freebsd-questions Mon Nov 18 21:17: 1 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B8C437B401 for ; Mon, 18 Nov 2002 21:17:00 -0800 (PST) Received: from beta.stelesys.com (c-24-98-86-57.atl.client2.attbi.com [24.98.86.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9340D43E77 for ; Mon, 18 Nov 2002 21:16:59 -0800 (PST) (envelope-from jerry@syslog.org) Received: from [192.168.0.199] (helo=jbell9000) by beta.stelesys.com with asmtp (TLSv1:RC4-MD5:128) (Exim 4.10) id 18E0l1-000AML-00; Tue, 19 Nov 2002 00:17:07 -0500 Message-ID: <00fb01c28f8a$df63e580$010a0a0a@iss.net> From: "Jerry Bell" To: , "Chris Pepper" References: Subject: Re: 4.7-S: syslog from TiVo Date: Tue, 19 Nov 2002 00:16:52 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I really don't know if it would work or not, but you could put an ipfw divert rule and natd to redirect the syslog packets to localhost:514 or similar. Also, you'll need to remove the '-s' flag from syslogd. Jerry ----- Original Message ----- From: "Chris Pepper" To: Sent: Monday, November 18, 2002 11:54 PM Subject: 4.7-S: syslog from TiVo > I've just networked my TiVo, and noticed that it tries to > connect to 255.255.255.255:514/udp on restart. So naturally I'd like > to capture this in syslog, to see what it has to tell me. I opened up > the port in ipfw, and see a packet coming through, but after much > head-banging on syslog.conf.5, and trial and error, I still can't get > anything to showi up in the log file I created for this host, or > messages or console.log. What am I missing?? > > > Thanks much, > > > Chris Pepper > > >[www:~] root# uname -a > >FreeBSD www.reppep.com 4.7-STABLE FreeBSD 4.7-STABLE #2: Mon Nov 18 > >21:56:46 EST 2002 > >root@www.reppep.com:/usr/obj/usr/src/sys/REPPEP i386 > > >[www:~] root# ipfw -aN l|grep syslog > >01400 1 122 allow udp from 66.92.104.200/30 to any > >dst-port syslog > >[www:~] root# ps -aux|grep syslog > >root 5850 0.0 0.2 1028 720 ?? Ss 11:28PM 0:00.04 > >/usr/sbin/syslogd -4 -a 66.92.104.200/30 > > >[www:~] root# tail -2 /etc/syslog.conf > >+airport.reppep.com > >*.* /var/log/airport.log > >[www:~] root# ls -l /var/log/airport.log > >-rw-r--r-- 1 root wheel 0 Nov 18 21:09 /var/log/airport.log > -- > Chris Pepper: > Rockefeller University: > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message