bin/162135: remote syslog not logging
Larry Rosenman
ler at lerctr.org
Sat Oct 29 02:20:07 UTC 2011
>Number: 162135
>Category: bin
>Synopsis: remote syslog not logging
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Oct 29 02:20:06 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Larry Rosenman
>Release: FreeBSD 10.0-CURRENT amd64
>Organization:
LERCTR Consulting
>Environment:
System: FreeBSD borg.lerctr.org 10.0-CURRENT FreeBSD 10.0-CURRENT #5: Mon Oct 24 04:15:57 CDT 2011 root at borg.lerctr.org:/usr/obj/usr/src/sys/BORG-DTRACE amd64
>Description:
Why doesn't syslogd log these messages?
This is from my Cable Modem:
# tcpdump -vv -s 1500 host 192.168.200.10 and port 514
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 1500 bytes
21:14:21.915542 IP (tos 0x0, ttl 64, id 36817, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.bbn-mmx > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3230 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:21.916790 IP (tos 0x0, ttl 64, id 36818, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.sbook > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3230 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:21.917914 IP (tos 0x0, ttl 64, id 36819, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.editbench > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3230 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:22.665629 IP (tos 0x0, ttl 64, id 36820, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.equationbuilder > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3230 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:22.666755 IP (tos 0x0, ttl 64, id 36821, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.lotusnote > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3230 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:22.667880 IP (tos 0x0, ttl 64, id 36822, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.relief > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3230 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:23.428957 IP (tos 0x0, ttl 64, id 36823, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.rightbrain > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:21 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3231 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:23.430206 IP (tos 0x0, ttl 64, id 36824, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.intuitive-edge > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:21 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3231 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
21:14:23.431580 IP (tos 0x0, ttl 64, id 36825, offset 0, flags [none], proto UDP (17), length 176)
192.168.200.10.cuillamartin > borg.syslog: [udp sum ok] SYSLOG, length: 148
Facility local0 (16), Severity alert (1)
Msg: Oct 29 02:14:21 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
0x0000: 3c31 3239 3e4f 6374 2032 3920 3032 3a31
0x0010: 343a 3231 2032 3031 3120 5359 534c 4f47
0x0020: 5b30 5d3a 205b 486f 7374 2031 3932 2e31
0x0030: 3638 2e32 3030 2e31 305d 2055 4450 2031
0x0040: 3932 2e31 3638 2e32 3030 2e31 3038 2c31
0x0050: 3337 202d 2d3e 2031 3932 2e31 3638 2e32
0x0060: 3030 2e32 3535 2c31 3337 2044 454e 593a
0x0070: 2049 6e62 6f75 6e64 206f 7220 6f75 7462
0x0080: 6f75 6e64 2061 6363 6573 7320 7265 7175
0x0090: 6573 7420
^C
9 packets captured
72 packets received by filter
0 packets dropped by kernel
The syslog flags:
syslogd_flags="-n -a 192.168.200.10 -a 192.168.200.0/24"
And /etc/syslog.conf:
# $FreeBSD: src/etc/syslog.conf,v 1.30 2009/06/11 15:07:02 avg Exp $
#
# Spaces ARE valid field separators in this file. However,
# other *nix-like systems still insist on using tabs as field
# separators. If you are sharing this file between systems, you
# may want to use only tabs as field separators here.
# Consult the syslog.conf(5) manpage.
*.err;kern.warning;auth.notice;mail.crit;local0.alert /dev/console
*.info;authpriv.none;kern.debug;lpr.info;mail.crit;news.err;local0.* /var/log/messages
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
*.=debug /var/log/debug.log
*.emerg *
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info /var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
*.* /var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.* @loghost
# uncomment these if you're running inn
# news.crit /var/log/news/news.crit
# news.err /var/log/news/news.err
# news.notice /var/log/news/news.notice
!ppp
*.* /var/log/ppp.log
!*
Tail of /var/log/messages:
Oct 28 16:01:41 borg sshd[67672]: Accepted publickey for ler from 32.97.110.60 port 25947 ssh2
Oct 28 16:02:03 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/usr/bin/tail /var/log/all.log
Oct 28 16:02:10 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/usr/bin/tail -f /var/log/all.log
Oct 28 16:02:24 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/usr/bin/grep 192.168.200 /var/log/all.log
Oct 28 16:05:00 borg /usr/sbin/cron[67703]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:10:00 borg /usr/sbin/cron[67730]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 65 to 64
Oct 28 16:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 194 Temperature_Celsius changed from 35 to 36
Oct 28 16:11:00 borg /usr/sbin/cron[67738]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:15:00 borg /usr/sbin/cron[67770]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:16:37 borg ntpd[1296]: synchronized to 199.4.29.166, stratum 2
Oct 28 16:20:00 borg /usr/sbin/cron[67797]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:22:00 borg /usr/sbin/cron[67809]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:25:00 borg /usr/sbin/cron[67836]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:30:00 borg /usr/sbin/cron[67863]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:33:00 borg /usr/sbin/cron[67880]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:35:00 borg /usr/sbin/cron[67902]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:40:00 borg /usr/sbin/cron[67929]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:44:00 borg /usr/sbin/cron[67952]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:45:00 borg /usr/sbin/cron[67969]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:50:00 borg /usr/sbin/cron[67996]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:55:00 borg /usr/sbin/cron[68025]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:55:00 borg /usr/sbin/cron[68024]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:00:00 borg /usr/sbin/cron[68064]: (root) CMD (newsyslog)
Oct 28 17:00:00 borg /usr/sbin/cron[68065]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:00:00 borg /usr/sbin/cron[68066]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:05:00 borg /usr/sbin/cron[68103]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:08:41 borg ntpd[1296]: synchronized to 63.211.239.58, stratum 2
Oct 28 17:10:00 borg /usr/sbin/cron[68130]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 62
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 38
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 64 to 63
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 36 to 37
Oct 28 17:11:00 borg /usr/sbin/cron[68138]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:15:00 borg /usr/sbin/cron[68170]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:20:00 borg /usr/sbin/cron[68197]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:22:00 borg /usr/sbin/cron[68209]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:25:00 borg /usr/sbin/cron[68236]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:30:00 borg /usr/sbin/cron[68263]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:33:00 borg /usr/sbin/cron[68280]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:35:00 borg /usr/sbin/cron[68302]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:40:00 borg /usr/sbin/cron[68329]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:40:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 62 to 63
Oct 28 17:40:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 38 to 37
Oct 28 17:44:00 borg /usr/sbin/cron[68352]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:45:00 borg /usr/sbin/cron[68369]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:50:00 borg /usr/sbin/cron[68396]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:55:00 borg /usr/sbin/cron[68424]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:55:00 borg /usr/sbin/cron[68425]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:00:00 borg /usr/sbin/cron[68464]: (root) CMD (newsyslog)
Oct 28 18:00:00 borg /usr/sbin/cron[68465]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:00:00 borg /usr/sbin/cron[68466]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:05:00 borg /usr/sbin/cron[68503]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:10:00 borg /usr/sbin/cron[68530]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:11:00 borg /usr/sbin/cron[68538]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:15:00 borg /usr/sbin/cron[68570]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:20:00 borg /usr/sbin/cron[68597]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:22:00 borg /usr/sbin/cron[68609]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:25:00 borg /usr/sbin/cron[68636]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:30:00 borg /usr/sbin/cron[68663]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:33:00 borg /usr/sbin/cron[68680]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:35:00 borg /usr/sbin/cron[68702]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:40:00 borg /usr/sbin/cron[68729]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:40:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 64
Oct 28 18:40:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 36
Oct 28 18:42:02 borg ntpd[1296]: synchronized to 199.4.29.166, stratum 2
Oct 28 18:44:00 borg /usr/sbin/cron[68752]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:45:00 borg /usr/sbin/cron[68769]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:45:49 borg sshd[68774]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:51 borg sshd[68776]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:52 borg sshd[68778]: Invalid user shit from 121.207.230.69
Oct 28 18:45:52 borg sshd[68778]: input_userauth_request: invalid user shit [preauth]
Oct 28 18:45:53 borg sshd[68778]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:55 borg sshd[68780]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:57 borg sshd[68783]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:59 borg sshd[68785]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:01 borg sshd[68787]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:03 borg sshd[68789]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:05 borg sshd[68791]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:07 borg sshd[68793]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:09 borg sshd[68795]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:11 borg sshd[68797]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:12 borg sshd[68799]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:14 borg sshd[68802]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:16 borg sshd[68805]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:18 borg sshd[68807]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:20 borg sshd[68809]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:22 borg sshd[68811]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:24 borg sshd[68813]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:26 borg sshd[68815]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:28 borg sshd[68817]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:30 borg sshd[68819]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:32 borg sshd[68821]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:34 borg sshd[68823]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:36 borg sshd[68826]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:38 borg sshd[68828]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:40 borg sshd[68830]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:42 borg sshd[68832]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:44 borg sshd[68835]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:44 borg sshd[68835]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:44 borg sshd[68835]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:46 borg sshd[68837]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:46 borg sshd[68837]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:46 borg sshd[68837]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:48 borg sshd[68839]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:48 borg sshd[68839]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:48 borg sshd[68839]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:50 borg sshd[68841]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:50 borg sshd[68841]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:50 borg sshd[68841]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:52 borg sshd[68843]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:52 borg sshd[68843]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:52 borg sshd[68843]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:54 borg sshd[68845]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:54 borg sshd[68845]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:54 borg sshd[68845]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:54 borg sshd[68847]: refused connect from 121.207.230.69 (121.207.230.69)
Oct 28 18:50:00 borg /usr/sbin/cron[68865]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:55:00 borg /usr/sbin/cron[68893]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:55:00 borg /usr/sbin/cron[68894]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:00:00 borg /usr/sbin/cron[68934]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:00:00 borg /usr/sbin/cron[68933]: (root) CMD (newsyslog)
Oct 28 19:00:00 borg /usr/sbin/cron[68935]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:05:00 borg /usr/sbin/cron[68972]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:10:00 borg /usr/sbin/cron[68999]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 64 to 65
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 194 Temperature_Celsius changed from 36 to 35
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 64 to 63
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 36 to 37
Oct 28 19:11:00 borg /usr/sbin/cron[69007]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:15:00 borg /usr/sbin/cron[69039]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:20:00 borg /usr/sbin/cron[69066]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:22:00 borg /usr/sbin/cron[69078]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:25:00 borg /usr/sbin/cron[69105]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:30:00 borg /usr/sbin/cron[69132]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:33:00 borg /usr/sbin/cron[69149]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:35:00 borg /usr/sbin/cron[69171]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:40:00 borg /usr/sbin/cron[69198]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:40:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 65 to 64
Oct 28 19:40:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 194 Temperature_Celsius changed from 35 to 36
Oct 28 19:44:00 borg /usr/sbin/cron[69221]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:45:00 borg /usr/sbin/cron[69238]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:50:00 borg /usr/sbin/cron[69271]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:55:00 borg /usr/sbin/cron[69302]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:55:00 borg /usr/sbin/cron[69303]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:00:00 borg /usr/sbin/cron[69343]: (root) CMD (newsyslog)
Oct 28 20:00:00 borg /usr/sbin/cron[69342]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:00:00 borg /usr/sbin/cron[69344]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:05:00 borg /usr/sbin/cron[69381]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:08:37 borg kernel: arp: 192.168.200.10 moved from 2c:9e:5f:f8:d9:a3 to d8:b3:77:f1:b2:61 on em0
Oct 28 20:10:00 borg /usr/sbin/cron[69408]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 62
Oct 28 20:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 38
Oct 28 20:11:00 borg /usr/sbin/cron[69416]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:12:25 borg kernel: arp: 192.168.200.10 moved from d8:b3:77:f1:b2:61 to 2c:9e:5f:f8:d9:a3 on em0
Oct 28 20:15:00 borg /usr/sbin/cron[69451]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:20:00 borg /usr/sbin/cron[69478]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:22:00 borg /usr/sbin/cron[69490]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:25:00 borg /usr/sbin/cron[69517]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:30:00 borg /usr/sbin/cron[69544]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:33:00 borg /usr/sbin/cron[69561]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:33:29 borg ntpd[1296]: synchronized to 63.211.239.58, stratum 2
Oct 28 20:33:35 borg sshd[69574]: Accepted publickey for ler from 192.168.200.103 port 51503 ssh2
Oct 28 20:33:39 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 20:35:00 borg /usr/sbin/cron[69593]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:40:00 borg /usr/sbin/cron[81187]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:40:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 62 to 63
Oct 28 20:44:00 borg /usr/sbin/cron[97243]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:45:00 borg /usr/sbin/cron[98575]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:50:00 borg /usr/sbin/cron[98602]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:55:00 borg /usr/sbin/cron[98640]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:55:00 borg /usr/sbin/cron[98641]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:55:37 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 21:00:00 borg /usr/sbin/cron[22210]: (root) CMD (newsyslog)
Oct 28 21:00:00 borg /usr/sbin/cron[22211]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 21:00:00 borg /usr/sbin/cron[22212]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:05:00 borg /usr/sbin/cron[49378]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:10:00 borg /usr/sbin/cron[66044]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada2, SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 63 to 64
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 62 to 63
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 38 to 37
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 64
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 36
Oct 28 21:11:00 borg /usr/sbin/cron[66745]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 21:11:54 borg postgres[1374]: [2-1] LOG: received fast shutdown request
Oct 28 21:11:54 borg postgres[1374]: [3-1] LOG: aborting any active transactions
Oct 28 21:11:54 borg postgres[1380]: [2-1] LOG: autovacuum launcher shutting down
Oct 28 21:11:54 borg postgres[1378]: [1-1] LOG: shutting down
Oct 28 21:11:54 borg postgres[1378]: [2-1] LOG: database system is shut down
Oct 28 21:11:55 borg postgres[69862]: [1-1] LOG: database system was shut down at 2011-10-28 21:11:54 CDT
Oct 28 21:11:55 borg postgres[69861]: [1-1] LOG: database system is ready to accept connections
Oct 28 21:11:55 borg postgres[69865]: [1-1] LOG: autovacuum launcher started
Oct 28 21:12:34 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 21:13:28 borg sudo: ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 21:13:56 borg kernel: em0: promiscuous mode enabled
Oct 28 21:13:56 borg kernel: em0: promiscuous mode disabled
Oct 28 21:14:14 borg kernel: em0: promiscuous mode enabled
Oct 28 21:14:26 borg kernel: em0: promiscuous mode disabled
Oct 28 21:15:00 borg /usr/sbin/cron[69944]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:16:12 borg ntpd[1296]: synchronized to 199.4.29.166, stratum 2
>How-To-Repeat:
Set up syslog as above, and enable remote logging, and note no logging
>Fix:
unknown
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list