On 25.03.20 18:29, William Luiz Ribeiro Vasconcelos Da Silva wrote:
The IP from mgalnxa01 is 10.96.145.42
I then have explained it in my first post to this thread. https://lists.balabit.hu/pipermail/syslog-ng/2020-March/025798.html
This its example from tcpdump
/usr/sbin/tcpdump -vn port 9514 -i eth1
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes 14:11:19.670962 IP (tos 0x20, ttl 251, id 16868, offset 0, flags [none], proto UDP (17), length 244) 10.96.145.98.syslog > 10.96.145.42.9514: SYSLOG, length: 216
these packets come from port 514 on 10.96.145.98, to port 9514 on your machine 10.96.145.42. Your machine's syslog listens on port 514 (10.96.145.42:514) so it won't see packets that are coming to port 9514. -- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. There's a long-standing bug relating to the x86 architecture that allows you to install Windows. -- Matthew D. Fuller