FC1 syslogd configuration to accept remote messages
ronn at emm.org
Fri Jul 9 17:38:24 UTC 2004
> > I'm trying to configure a ZyWALL 35 and syslog on an FC1 box for
> > logging. The firewall's syslog settings are:
> > Active [X]
> > Syslog Server "FC1 box's private ip address"
> > Log Facility Local1
> > On the FC1 box, I edited /etc/rc.d/init.d/syslog.
> > Specifically, the line:
> > SYSLOGD_OPTIONS="-m 0 -r"
> > I added the ' -r'.
> Maybe your environment need the -x switch too?
According to the man page for syslogd, the -x option disables name
lookups when receiving remote messages to prevent deadlocks when the
nameserver is running on the same system as the syslog daemon. This is
not the case; DNS is running on a different system.
> > /etc/syslog.conf was also edited. The line:
> > local1.* /var/log/zyxel/zw30.log
> > 'man syslogd' on the FC1 box states that in addition to starting
> > the '-r' option, the /etc/services file must have the line:
> > 'syslog 514/udp'
> You must get following on the Fedora host:
> $ netstat -ualpen | grep 514
> udp 0 0 0.0.0.0:514 0.0.0.0:* 0
> 689295 31427/syslogd
I don't see this result or anything 'like' it. It seems that syslogd is
not accepting remote messages on 514/UDP, but why? Is the
SYSLOGD_OPTIONS line incorrect in some way?
Thank you for your suggestions!
More information about the users