I'm facing on new trouble. I updated all ports (
It was 9.3-RELEASE-p10 and still -p10, this doesn't matter.
This is a server I access with WinSCP (I also updated WinSCP to version 5.7) and then open the PuTTY shell when I need it. In those PuTTY shells I receive Syslog messages, well the router messages. My router send syslog messages to the server, my syslog.conf is this
I moved last line *.emerg * at the end of the file because the only messages I saw was of type router.emerg (the bridge1 device no more exists). The messages I receive are usual router messages like
And the file router.log is filled with the same lines.
This happen on all shells I open (pts/0, pts/1, etc.)
portmaster
) and system ( freebsd-update
today).
Code:
#uname -a
FreeBSD torpiken.freethread.lan 9.3-RELEASE-p10 FreeBSD 9.3-RELEASE-p10 #0: Tue Feb 24
21:28:03 UTC 2015 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
It was 9.3-RELEASE-p10 and still -p10, this doesn't matter.
This is a server I access with WinSCP (I also updated WinSCP to version 5.7) and then open the PuTTY shell when I need it. In those PuTTY shells I receive Syslog messages, well the router messages. My router send syslog messages to the server, my syslog.conf is this
Code:
# $FreeBSD: releng/9.3/etc/syslog.conf 238473 2012-07-15 10:55:43Z brueffer $
#
# Spaces ARE valid field separators in this file. However,
# other *nix-like systems still insist on using tabs as field
# separators. If you are sharing this file between systems, you
# may want to use only tabs as field separators here.
# Consult the syslog.conf(5) manpage.
*.err;kern.warning;auth.notice;mail.crit /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
*.=debug /var/log/debug.log
# uncomment this to log all writes to /dev/console to /var/log/console.log
# touch /var/log/console.log and chmod it to mode 600 before it will work
#console.info /var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
#*.* /var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.* @loghost
# uncomment these if you're running inn
# news.crit /var/log/news/news.crit
# news.err /var/log/news/news.err
# news.notice /var/log/news/news.notice
# Messages from 'router.freethread.lan'
+router.freethread.lan
*.* /var/log/router.log
+bridge1.freethread.lan
*.* /var/log/bridge1.log
+*
!ppp
*.* /var/log/ppp.log
!*
*.emerg *
I moved last line *.emerg * at the end of the file because the only messages I saw was of type router.emerg (the bridge1 device no more exists). The messages I receive are usual router messages like
Code:
Message from syslogd@router at Mar 21 16:03:53 ...
<user.emerg> router kernel: [SysLog]: [LAN access from remote] from xx.xxx.xxx.xxx:57337 to 192.168.xxx.xxx:21320,
Message from syslogd@router at Mar 21 16:04:23 ...
<user.emerg> router kernel: [SysLog]: [LAN access from remote] from xxx.x.xx.x:53 to 192.168.xxx.xxx:35321,
And the file router.log is filled with the same lines.
This happen on all shells I open (pts/0, pts/1, etc.)