Router logging -
Steven Stern
subscribed-lists at sterndata.com
Sat Aug 11 21:26:29 UTC 2012
On 08/11/2012 04:21 PM, Bob Goodwin - Zuni, Virginia, USA wrote:
> On 11/08/12 11:24, Steven Stern types:
>> On 08/11/2012 09:49 AM, Bob Goodwin - Zuni, Virginia, USA wrote:
>>> I'm looking for a Linux application for logging the output from a
>>> Cisco/Linksys WRT54GL/tomato ver. 1.28 router. I've been googling
>>> and everything I've found seems for Windows [Surprise!].
>>>
>>> I need a detailed log, preferably one that will tell me which
>>> computer on my LAN is going where so I can deal with high usage
>>> problems. This is for Fedora 17/64 bit.
>>>
>>> What do I need?
>>>
>>> Bob
>>>
>>> -- http://www.qrz.com/db/W2BOD
>>>
>>> box9
>>>
>> Does the router support rsyslog? My D-Link router has an option to use
>> rsyslog for logging. I use that to send the logs to one of my Linux
>> boxes on which I enabled remote logs for the router's IP address.
>>
>> This website indicates it is possible to configure the router:
>> http://adminscoffe.wordpress.com/2010/04/08/rsyslog-captures-wrt54gl-tomatos-logs/
>>
>>
>
> It looks like he was dealing with another version of Linux.
>
> I found a place where I could make the changes he suggest
> [/etc/rsyslog.conf]:
>
> # Provides UDP syslog reception
> $ModLoad imudp
> $UDPServerRun 514
>
> Then I need to find where the logs go or better yet send them to a
> file like /home/bobg/Ulog in this computer [192.168.1.9]. He suggests:
>
> 2. (Optional) Create the file /etc/rsyslogd.d/openwrt.conf with
> the following contents:
>
> :source, isequal, "myrouter.mydomain" /var/log/mylogfile.log
> :source, isequal, "myrouter.mydomain" ~
>
> I created that file but I don't think it is recognized by the
> version of rsyslog in Fedora-17?
>
Here are the relevant lines from my conf file:
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
## hosts from which we accept logs ##
:fromhost-ip,isequal,"192.168.123.51" /var/log/router.log
& ~
Then, I opened port 514 on the firewall and checked the "Use syslog"
option on my router.
More information about the users
mailing list