Date: Sat, 12 Jan 2008 15:50:45 -0600 From: Jeffrey Goldberg <jeffrey@goldmark.org> To: Andy Greenwood <greenwood.andy@gmail.com> Cc: User questions <freebsd-questions@freebsd.org> Subject: Re: syslogd not reading messages from a remote machine Message-ID: <53AFE19A-173F-43AC-BF68-972FFD12029E@goldmark.org> In-Reply-To: <47879080.6040208@gmail.com> References: <47879080.6040208@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 11, 2008, at 9:51 AM, Andy Greenwood wrote: > I have recently set up a Fortigate-60 to run as a firewall/vpn on my > home network. I have a FreeBSD 7.0-prerelease machine sitting behind > it in the DMZ which is running ssh/web/etc. I'm trying to get the FG > to log to the BSD box's syslog. I have set up the necessary stuff on > the FG, and can send test logs from there to the bsd box. Running > tcpdump on the bsd [...] > So I know that the packets are getting to the machine. I've set up > syslogd to accept packets from 10.10.10.1/32 in rc.conf, and > confirmed that the FG's IP should be accepted [...] > I've restarted syslogd after every change I've made, but no dice. > Can anyone shed some light on why these messages aren't logging and > what I need to do to fix it? I'm sure that there is a simple answer for getting syslogd to work properly. But after similar experiences to yours (on other systems), I now use syslog-ng (in ports) for any system that is going to be a remote syslog server. With syslog-ng, I can easily have my logs organized by originating host and day. I know this doesn't answer your syslogd question, but it might provide a useful solution for you. Cheers, -j
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53AFE19A-173F-43AC-BF68-972FFD12029E>