From owner-freebsd-current@FreeBSD.ORG Fri Jul 22 22:58:48 2005 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6EBF416A41F for ; Fri, 22 Jul 2005 22:58:48 +0000 (GMT) (envelope-from ml@t-b-o-h.net) Received: from vjofn.tucs-beachin-obx-house.com (vjofn.tucs-beachin-obx-house.com [204.107.90.128]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01D9643D45 for ; Fri, 22 Jul 2005 22:58:47 +0000 (GMT) (envelope-from ml@t-b-o-h.net) Received: from himinbjorg.tucs-beachin-obx-house.com (ool-44c511d8.dyn.optonline.net [68.197.17.216]) (authenticated bits=128) by vjofn.tucs-beachin-obx-house.com (8.12.9/8.12.9) with ESMTP id j6MMwkSH047148 for ; Fri, 22 Jul 2005 18:58:47 -0400 (EDT) Received: from himinbjorg.tucs-beachin-obx-house.com (localhost.tucs-beachin-obx-house.com [127.0.0.1]) by himinbjorg.tucs-beachin-obx-house.com (8.13.3/8.12.10) with ESMTP id j6MMwe4H042820 for ; Fri, 22 Jul 2005 18:58:41 -0400 (EDT) (envelope-from ml@t-b-o-h.net) Received: (from tbohml@localhost) by himinbjorg.tucs-beachin-obx-house.com (8.13.3/8.13.1/Submit) id j6MMwemi042819 for freebsd-current@freebsd.org; Fri, 22 Jul 2005 18:58:40 -0400 (EDT) (envelope-from tbohml) From: Tuc at T-B-O-H Message-Id: <200507222258.j6MMwemi042819@himinbjorg.tucs-beachin-obx-house.com> To: freebsd-current@freebsd.org Date: Fri, 22 Jul 2005 18:58:40 -0400 (EDT) X-Mailer: ELM [version 2.5 PL6] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Syslog not logging X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jul 2005 22:58:48 -0000 Hi, I'm trying to get syslog to log output from a 7 machines and 4 routers, all in the same subnet. My syslog is started as such : 301 ?? Ss 0:19.82 /usr/sbin/syslogd -l /var/run/log -l /var/named/var/run/log -a 192.168.3.0/24 my syslog.conf has : *.debug /var/log/spool For all the servers, everything is perfect. Its the routers that are a problem. When I TCPDUMP it, I get : 18:50:56.736979 IP 192.136.64.2.8888 > 192.136.64.108.514: UDP, length: 125 0x0000: 4500 0099 fe35 4000 4011 3a9f c088 4002 E....5@.@.:...@. 0x0010: c088 406c 22b8 0202 0085 b42b 3c31 343e ..@l"......+<14> 0x0020: 6634 3830 3270 2d32 2e74 2d62 2d6f 2d68 f4802p-2.t-b-o-h 0x0030: 2e6e 6574 2c20 5353 4820 6163 6365 7373 .net,.SSH.access 0x0040: 2062 7920 7573 6572 2047 4947 474c 4520 .by.user.GIGGLE. 0x0050: 6672 6f6d 2073 7263 2049 5020 3638 2e31 from.src.IP.68.1 0x0060: 3937 2e31 372e 3231 362c 2073 7263 204d 97.17.216,.src.M 0x0070: 4143 2030 3065 302e 3830 3265 2e37 3130 AC.00e0.802e.710 0x0080: 3020 7265 6a65 6374 6564 2c20 3120 6174 0.rejected,.1.at 0x0090: 7465 6d70 7428 7329 20 tempt(s). So it should be alright.... But why isn't it making it onto my /var/log/spool file?? Thanks, Tuc