I got it working here is what I had to do and it was the syslog config on the freebsd box.
1. Put in /etc/syslog.conf +gate.bpsnetworks.com (or whatever hostname) *.* /var/log/bernie-rtr.log 2. Start syslog with: syslogd -a "gate.bpsnetworks.com:*" ( (your hostname goes there) -----Original Message----- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 10, 2002 2:02 PM To: [EMAIL PROTECTED] Subject: Re: Pix logging to a Freebsd syslog server [7:51124] Is it really the source port? Normally the destination port is UDP 514. Does it care what the source port is? Gaz ""HORVATH TAMAS"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Helo! > > To Neal Rauhauser : If you don't specify source port, the PIX (OS 6.x) will > send syslog messages from UDP port 514!! You can change this to whatever > from range 1025-65535 : for example: logging host inside 192.168.11.4 udp/1025 > > So I think this is not a problem, if the FreeBSD syslogd expects the packets > to be sourced from UDP port 514. > ---------------- > > To Elijah Savage: Did you checked the connections among syslog host and PIX > inside interface, and IP adressess and mask? If they will correct then the > problem will be in the FreeBSD syslogd config, because your PIX config is > good. > > BIe, HT! > > -----Original Message----- > From: Neal Rauhauser [mailto:[EMAIL PROTECTED]] > Sent: Saturday, August 10, 2002 11:38 AM > To: [EMAIL PROTECTED] > Subject: Re: Pix logging to a Freebsd syslog server [7:51124] > > > The Cisco logging facility on a router uses a random high port as the > source for the syslog packets. I assume the PIX is the same since you're > having trouble. The FreeBSD syslogd expects the packets to be sourced > from port 514. You can try the flag that supposedly allows syslogd to > take random source ports, but it doesn't work :-( > > I'd strongly suggest you do what I did - just modify the syslogd > source so it doesn't check source port, compile it, then install. > > If that is beyond your C programming skills drop me a note and I can > email you the bungholed syslogd.c file and you can take it from there. > > > > Elijah Savage III wrote: > > > > Can anyone help me out with a PIX logging to a Freebsd syslog server. I > > thought I was sure about setting this up but I am not getting any > > messages on the server, see my configs below. > > > > logging on > > > > logging timestamp > > > > logging trap debugging > > > > logging facility 23 > > > > logging host inside 192.168.11.4 > > > > FreeBSD > > > > local7.debug /var/log/cisco.all > > > > I also startes syslogd with these parameters > > > > 29612 ?? Ss 0:00.03 syslogd -a 192.168.11.2/255.255.255.0 > -- > Neal Rauhauser CCNP, CCDP voice: 402-301-9555 > mailto:[EMAIL PROTECTED] fcc : k0bsd > "This is my private email devoted to various mailing lists. If you're > a twerp with an attorney and someone else's money, don't bother my > employer about the things I say, just come see me personally and we'll > discuss the situation. No names, you twerps should know who you are". Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51157&t=51124 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
