Hi forum.
On my home network, I have an ADSL router on 192.168.0.1 and a FreeBSD host on 192.168.0.2. The ADSL router can be configured to send its log messages to a syslog host and as I've been having connection stability issues, I thought I'd set this up to gather diagnostic information to send to my ISP.
I started by modifying /etc/rc.conf thus:
The router web interface doesn't give details of which syslog facility or severity it uses for its messages, so I ran syslogd(8) in debug mode for a short time as follows:
Here's the debug output showing a message from the router:
'pri 166' decodes to 'local4.info', so I then modified /etc/syslog.conf thus:
I created /var/log/router.log as root.
Log messages from the router are being received and logged, but they're going into /var/log/messages instead, while /var/log/router.log remains empty. I'm puzzled by this.
Closer inspection of the syslogd debug output revealed some ambiguity. It seems to be showing each router log message twice, once received from the router with priority 32 and then again from the FreeBSD host itself with priority 166.
Can anyone clarify what's going on here so that I fix the syslog configuration?
On my home network, I have an ADSL router on 192.168.0.1 and a FreeBSD host on 192.168.0.2. The ADSL router can be configured to send its log messages to a syslog host and as I've been having connection stability issues, I thought I'd set this up to gather diagnostic information to send to my ISP.
I started by modifying /etc/rc.conf thus:
Code:
> syslogd_flags="-a 192.168.0.1/32:*"The router web interface doesn't give details of which syslog facility or severity it uses for its messages, so I ran syslogd(8) in debug mode for a short time as follows:
/usr/sbin/syslogd -a 192.168.0.1/32:\* -d -v.Here's the debug output showing a message from the router:
Code:
cvthname(192.168.0.1)
validate: dgram from IP 192.168.0.1, port 52898, name router.home;
accepted in rule 0.
logmsg: pri 32, flags 0, from router, msg syslog: The user from 192.168.0.2 has logined in.
Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages
logmsg: pri 166, flags 17, from atom, msg Jun 9 10:28:02 <3.2> router syslog: The user from 192.168.0.2 has logined in.'pri 166' decodes to 'local4.info', so I then modified /etc/syslog.conf thus:
Code:
< *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
> *.notice;local4.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
> +router.home
> local4.* /var/log/router.logI created /var/log/router.log as root.
Log messages from the router are being received and logged, but they're going into /var/log/messages instead, while /var/log/router.log remains empty. I'm puzzled by this.
Closer inspection of the syslogd debug output revealed some ambiguity. It seems to be showing each router log message twice, once received from the router with priority 32 and then again from the FreeBSD host itself with priority 166.
Can anyone clarify what's going on here so that I fix the syslog configuration?