[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Probably silly Q



On Wednesday 08 March 2006 11:37, Roger Heflin wrote:
>> > Ok, I've inserted that line in services thats needed for
>>
>> that to work,
>>
>> > syslog          514/udp
>> >
>> > And added the -r option to OPTIONS in the syslog file in
>> > /etc/sysconfig, SIGHUPed syslogd, and turned the routers
>>
>> forwarding of
>>
>> > the access log to the main 192.168.x.x address of that
>>
>> machine.  But
>>
>> > nothing is appearing in either all.log or any other log
>>
>> with a recent timestamp.
>>
>> > Did I miss something?  Or is the linksys BEFSR41 routers logging
>> > to some other unk (udp/tcp) port besides 514?
>>
>> ----
>> Let's keep this on list OK?
>>
>> Firewall on Linux system blocking port 514 protocol UDP?
>>
>> Logging will go into /var/log/messages unless you redirect it
>> via syslog.conf # man syslog.conf
>
>Linksys sends snmptraps to the snmptrap port (161)
>(man snmptrapd) this is a standard service that will listen to this
>port and do whatever is configured with the data (save it to syslog,
>or to elsewhere, and/or even execute scripts to process the incomming
>data), it can be  checkconfig'ed on and will put the messages
>into whatever is configured by snmptrapd.

Just installed it.  It appears to be working albeit its too verbose and 
full of itself, and rather quiet in terms of real details, I'd like it 
to attempt reverse lookups, which it isn't.  But it does give me the ip 
address, and the direction packet went by at least.  I also setup a 
logrotate.d entry for it, hopefuly that will work.  And its still 
sending to the boxes real address.

>I have been using it for years on both Windows and Linux.  snmptraps
>are os independent, where as syslog in typically unix only.
>
>You can also set the ip address to send it to, to be .255 and it
>will nicely broadcast on your local subnet.
>
>                             Roger

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]