[SGVLUG] PIX Logging to syslog
Joel Witherspoon
joel.witherspoon at gmail.com
Tue Apr 3 15:38:58 PDT 2007
Wow. Just...wow. I made a total rook mistake from the "Why didn't I think of
this before?" file. I had to change the IP address in
/etc/sysconfig/network-scripts/if-eth0 from DHCP to a static IP. Rebooted
the box; now it works fine. I need a drink.
On 4/3/07, Claude Felizardo <cafelizardo at gmail.com> wrote:
>
> On 4/2/07, Joel Witherspoon <joel.witherspoon at gmail.com> wrote:
> >
> > Are you sure you restarted syslogd after modifying your config files?
> >
> > Yep. Several times. Ran syslog -d as well. It doesn't show as writing to
> a
> > file.
> >
> > Do you have a local local firewall on your receiving server? I use
> > shorewall so I had to add an explicit rule to allow udp 514 packets.
> >
> > Took iptables down. SELinux isn't even installed. I can see the UDP
> traffic
> > coming in, but I can't get it to write to file.
>
> [snip]
>
> Okay, just going through a check list here. Are you sure there is
> space on the device? Permission problems? mounted read-only?
>
> perhaps there's an error in your config file. Are any of the other
> logs being updated? Here's are my entries for my router:
>
> ## log router messages
> local6.*
> -/var/log/router.log
> local6.* /dev/tty11
>
> I believe the dash prefixed to the filename means syslogd should flush
> after each write to prevent messages from getting lost during a crash.
> Probably not needed and should not be used for a high rate log.
>
> regarding iptables. with shorewall, even if you shut it down, it
> still leaves some default rules that filter things out. Have you
> tried a simple reboot? Perhaps something else got hosed?
>
> claude
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.sgvlug.net/pipermail/sgvlug/attachments/20070403/bead4ea8/attachment.html
More information about the SGVLUG
mailing list