Hello guys:
I am trying to use the server as an offline syslog server for my home gateway router, but it is not working. The home gateway router is xxx.xxx.xxx.1.
---- UDP port 514 is open
Code:
user@server:~:$ sudo netstat -na
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 xxx.xxx.xxx.xxx.22 xxx.xxx.xxx.50.60806 ESTABLISHED
tcp4 0 0 *.22 *.* LISTEN
tcp6 0 0 *.22 *.* LISTEN
tcp4 0 0 127.0.0.1.53 *.* LISTEN
tcp6 0 0 ::1.53 *.* LISTEN
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
udp4 0 0 127.0.0.1.53 *.*
udp6 0 0 ::1.53 *.*
Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-07 14:34 EST
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.0051s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
514/udp open|filtered syslog
MAC Address: xx:xx:xx:xx:xx:xxx (Foxconn)
Nmap done: 1 IP address (1 host up) scanned in 16.99 seconds
---- settings in rc.conf
Code:
syslogd_enable="YES"
syslogd_flags="-s -a xxx.xxx.xxx.1 -vv"
---- per the FreeBSD Handbook, https://docs.freebsd.org/doc/7.4-RELEASE/usr/share/doc/handbook/network-syslogd.html, I have the following settings:
Code:
+xxx.xxx.xxx.1
*.* /var/log/logclient.log
---- from tcpdump:
Code:
14:51:38.327222 IP xxx.xxx.xxx.1.syslog > xxx.xxx.xxx.xxx.syslog: SYSLOG daemon.info, length: 14
---- but nothing logged:
Code:
-rw-r--r-- 1 root wheel 0 Mar 3 18:01 /var/log/logclient.log
thanks
_dave
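
The rc.conf block in the post combines `-s` with `-a`. As an added example (not part of the original post), this shell function classifies a `syslogd_flags` string using the syslogd(8) definitions of `-s` and `-a`, which are assumed here; the function name and verdict strings are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post: classify a syslogd_flags value
# by whether FreeBSD syslogd will accept remote UDP messages with it.
# Assumption from syslogd(8): -s drops messages from remote machines, a second
# -s opens no network socket at all, and -a <peer> names an allowed sender.

check_syslogd_flags() {
    secure=0
    peers=0
    set -f              # no globbing: -a values may contain '*'
    set -- $1           # split the flag string into words on purpose
    set +f
    while [ $# -gt 0 ]; do
        case "$1" in
            -a)                       # "-a peer": the peer is the next word
                peers=$((peers + 1))
                if [ $# -gt 1 ]; then shift; fi ;;
            -a?*)                     # "-apeer": the peer is attached
                peers=$((peers + 1)) ;;
            -[bflmOPpS])              # options whose next word is an argument
                if [ $# -gt 1 ]; then shift; fi ;;
            -[bflmOPpS]?*)            # same options with the argument attached
                ;;
            -?*)                      # clustered switches such as -vv or -ss
                rest=${1#-}
                while [ -n "$rest" ]; do
                    case "$rest" in s*) secure=$((secure + 1)) ;; esac
                    rest=${rest#?}
                done ;;
        esac
        shift
    done
    if [ "$secure" -ge 2 ]; then verdict="blocked-no-socket"
    elif [ "$secure" -eq 1 ]; then verdict="blocked-secure-mode"
    else verdict="remote-enabled"
    fi
    # peers = number of -a entries; they have no effect while -s is present
    echo "$verdict peers=$peers"
}

# The first flag string is the one quoted in the post; the rest are constructed.
for flags in "-s -a xxx.xxx.xxx.1 -vv" "-a xxx.xxx.xxx.1 -vv" "-ss" "-vv"; do
    printf '%-26s %s\n' "$flags" "$(check_syslogd_flags "$flags")"
done
```
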