Connection Attempt to UDP Messages

G

goosed

Hi all, not sure if this is the right subforum, but I figured I'd ask.

I'm getting 1000's of messages on my system console. They consist of:

Code: 
Connection attempt to UDP 192.168.2.101:514 from 192.168.2.62:1053

192.168.2.101 is the internal IP of my BSD server, and 192.168.2.62 is the internal IP of my Mail server.

My question is why is this happening, and what can I do to correct it? Thank you.
 
Udp/514 is syslog. Did you setup remote logging on your mailserver?
 
You will have to instruct your BSD's syslog to accept the external syslog traffic, in this case by adding '-a 192.168.2.62' to your syslog flags in rc.conf (see man syslogd).
 
Hmm, I read the man for syslog, and the "-a" switch does do what you say. However I'm using rsyslogd. "-a" for rsyslog allows additional sockets to listen on. Unfortunately I did not see any similar switches in the rsyslog man.
 
Considering the reply you already got here I will have to assume that rsyslog, by default, accepts syslog traffic from any host, leaving it up to a firewall to allow or disallow those hosts. So you'll have to look into whatever firewall your BSD box may be running.
 
You must log in or register to reply here.
Back
Top