Wow. Just...wow. I made a total rook mistake from the "Why didn't I think of this before?" file. I had to change the IP address in /etc/sysconfig/network-scripts/if-eth0 from DHCP to a static IP. Rebooted the box; now it works fine. I need a drink.
<br><br><div><span class="gmail_quote">On 4/3/07, <b class="gmail_sendername">Claude Felizardo</b> <<a href="mailto:cafelizardo@gmail.com">cafelizardo@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On 4/2/07, Joel Witherspoon <<a href="mailto:joel.witherspoon@gmail.com">joel.witherspoon@gmail.com</a>> wrote:<br>><br>> Are you sure you restarted syslogd after modifying your config files?<br>><br>> Yep. Several times. Ran syslog -d as well. It doesn't show as writing to a
<br>> file.<br>><br>> Do you have a local local firewall on your receiving server? I use<br>> shorewall so I had to add an explicit rule to allow udp 514 packets.<br>><br>> Took iptables down. SELinux isn't even installed. I can see the UDP traffic
<br>> coming in, but I can't get it to write to file.<br><br>[snip]<br><br>Okay, just going through a check list here. Are you sure there is<br>space on the device? Permission problems? mounted read-only?<br><br>
perhaps there's an error in your config file. Are any of the other<br>logs being updated? Here's are my entries for my router:<br><br>## log router messages<br>local6.*<br>-/var/log/router.log<br>local6.* /dev/tty11
<br><br>I believe the dash prefixed to the filename means syslogd should flush<br>after each write to prevent messages from getting lost during a crash.<br> Probably not needed and should not be used for a high rate log.<br>
<br>regarding iptables. with shorewall, even if you shut it down, it<br>still leaves some default rules that filter things out. Have you<br>tried a simple reboot? Perhaps something else got hosed?<br><br>claude<br></blockquote>
</div><br>