From owner-freebsd-questions@FreeBSD.ORG Tue Feb 6 12:01:07 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 74F7616A402 for ; Tue, 6 Feb 2007 12:01:07 +0000 (UTC) (envelope-from a@jenisch.at) Received: from srvdmz13.oekb.co.at (srvdmz13.oekb.co.at [143.245.5.103]) by mx1.freebsd.org (Postfix) with ESMTP id CD7A513C4A3 for ; Tue, 6 Feb 2007 12:01:06 +0000 (UTC) (envelope-from a@jenisch.at) X-SEF-Processed: 5_0_0_910__2007_02_06_12_00_10 X-SEF-7853D99-ADF1-478E-8894-213D316B8FFA: 1 Received: from msc01-n1 [143.245.2.187] by srvdmz13.oekb.co.at - SurfControl E-mail Filter (5.2.1); Tue, 06 Feb 2007 12:00:10 +0100 Received: from aurora.oekb.co.at ([143.245.9.16]) by MAIL1.oekb.co.at with Microsoft SMTPSVC(6.0.3790.2499); Tue, 6 Feb 2007 12:00:10 +0100 Received: from aurora.oekb.co.at (localhost.oekb.co.at [127.0.0.1]) by aurora.oekb.co.at (8.13.8/8.13.8) with ESMTP id l16B09Br093094 for ; Tue, 6 Feb 2007 12:00:09 +0100 (CET) (envelope-from a@jenisch.at) Received: (from ej@localhost) by aurora.oekb.co.at (8.13.8/8.13.8/Submit) id l16B09ro093093 for freebsd-questions@freebsd.org; Tue, 6 Feb 2007 12:00:09 +0100 (CET) (envelope-from a@jenisch.at) X-Authentication-Warning: aurora.oekb.co.at: ej set sender to a@jenisch.at using -f Date: Tue, 6 Feb 2007 12:00:09 +0100 From: Ewald Jenisch To: freebsd-questions@freebsd.org Message-ID: <20070206110009.GA93053@aurora.oekb.co.at> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.2i X-OriginalArrivalTime: 06 Feb 2007 11:00:10.0130 (UTC) FILETIME=[F8092F20:01C749DD] Subject: syslog from Cisco -> FreeBSD not working X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Feb 2007 12:01:07 -0000 Hi, I'm running into a problem configuring my syslogd in order to accept messages from Routers (Cisco). Here's what I did in my syslog.conf: local7.* /var/log/cisco-syslog Fields are separated by tabs of course In /etc/rc.conf I've got the following: syslogd_flags="-a 192.168.0.0/16" matching my local network. Unfortunately I don't see anything in my syslog from the router(s). I fired up tcpdump and sure enough the syslog-packets originating from the router hit my machine. To further track this down I changed the above line in syslog.conf to read +myrouter local7.* /var/log/cisco-syslog +* Again, no syslog messages. Next try: /etc/syslog.conf: local7.* /var/log/debug.log Again, no entry in the log Sure enough I restared syslogd between every test; also I have the fields in syslog.conf separted by tabs and the log-files in questions are existent with and chmod-ed 600. Any ideas what could be wrong here - or put in another way - has anybody out there got logging from Ciscos towards a FreeBSD box running? TIA for your help! -ewald