From owner-freebsd-questions@FreeBSD.ORG  Sun Feb  5 07:33:01 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D1E9316A420
	for <freebsd-questions@freebsd.org>;
	Sun,  5 Feb 2006 07:33:01 +0000 (GMT)
	(envelope-from bill@wiliweld.com)
Received: from typhoon.he.net (typhoon.he.net [64.62.229.2])
	by mx1.FreeBSD.org (Postfix) with SMTP id 9ECFD43D4C
	for <freebsd-questions@freebsd.org>;
	Sun,  5 Feb 2006 07:33:01 +0000 (GMT)
	(envelope-from bill@wiliweld.com)
Received: from liam.billschoolcraft.com ([63.204.157.14]) by typhoon.he.net
	for <freebsd-questions@freebsd.org>; Sat, 4 Feb 2006 23:32:53 -0800
Date: Sat, 4 Feb 2006 23:32:57 -0800 (PST)
From: Bill Schoolcraft <bill@wiliweld.com>
X-X-Sender: bill@liam.billschoolcraft.com
To: Matthew Seaman <m.seaman@infracaninophile.co.uk>
In-Reply-To: <43E48BB8.7000906@infracaninophile.co.uk>
Message-ID: <Pine.LNX.4.61.0602042329000.16821@liam.billschoolcraft.com>
References: <Pine.LNX.4.61.0602032143280.7777@liam.billschoolcraft.com>
	<43E48BB8.7000906@infracaninophile.co.uk>
System-ID: [en] (SuSE-9.3 64-bit)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: freebsd-questions@freebsd.org
Subject: Re: 6.0, allow remote logging?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2006 07:33:01 -0000

At Sat, 4 Feb 2006 it looks like Matthew Seaman composed:

> Bill Schoolcraft wrote:
> > But when I go to check an see if the external port 514/udp is open I
> > get nothing showing:
> > 
> > #############################################################
> > 
> > [root@logserv ~]-> nmap localhost
> > 
> > (The 1660 ports scanned but not shown below are in state: closed)
> > PORT   STATE SERVICE
> > 22/tcp open  ssh
> > 25/tcp open  smtp
> > 80/tcp open  http
> > 
> > #############################################################
> 
> Umm... by default nmap only scans /TCP/ ports.  syslog is a /UDP/ service.
> 
> Try sockstat(1) to see what network ports processes are listening on, and
> use nmap like so to scan for UDP listeners:
> 
>     # nmap -sU -p U:1-8080 hostname
> 
> Note that UDP scans intrinsically tend to take a lot longer than TCP scans --
> the nmap(1) man page explains why -- so don't try scanning too many ports at
> once, or you'll be waiting years for a result.
> 

Thanks Matthew for the above example.  I tried it and nothing came
up as open.  And my 'ps -auxw' output shows syslogd running with the
"-s <ipaddr>" too.  I wonder how to trigger that port to receive
packets.  Apparently syslogd believes all is well. :(

TIA

-- 
Bill Schoolcraft       |  Life's journey is not to arrive at the
PO Box 210076          |  grave safely in a well preserved body,
San Francisco,CA 94121 |  but rather to skid in sideways, totally
http://wiliweld.com    |  spent, yelling "holy shit, what a ride!"