syslogd: Remote Logging busted?
Kevin Oberman
kob6558 at gmail.com
Sat Oct 29 03:30:29 UTC 2011
On Fri, Oct 28, 2011 at 7:22 PM, Larry Rosenman <ler at lerctr.org> wrote:
>
> I enabled remote logging for my home subnet, and syslogd doesn't seem(!) to
> be logging the messages.
>
> They ARE making it to the system.
>
> Can someone look at bin/162135 which has all the details, including
> tcpdump to show that the messages are making it to the system.
Just to be clear, you are running tcpdump on borg, right? The
statement "This is from my Cable Modem:" confuses me a bit.
Assuming tcpdump is on borg, it is making past any firewall (pf or
ipfw, at least). What about /etc/hosts.allow? I don't recall if it
filters before or after pcap see packets. I used to have a diagram
showing the sequence of processing this, but I can't seem to find it
now.
What does "netstat -af inet | grep syslog" show? Is syslogd actually listening?
--
R. Kevin Oberman, Network Engineer
E-mail: kob6558 at gmail.com
More information about the freebsd-current
mailing list