----- Original Message ----- From: "Balazs Scheidler" <bazsi@balabit.hu> To: <syslog-ng@lists.balabit.hu> Sent: Monday, October 27, 2003 5:12 PM Subject: Re: [syslog-ng]Some device doesn't write to file
On Mon, Oct 27, 2003 at 04:54:51PM +0800, Santa Lau wrote:
I think you should attach strace to the syslog-ng process and check whether it really receives log messages (you should see recvfrom() lines for each message received), it might also be possible that syslog-ng blocks on DNS for example.
Thanks for your tips. I use strace to trace the network activity(strace -e network syslog-ng -F). I only found the IP which has logs. It is different from the result of tcpdump.
Maybe your packet filter drops those messages?
--
Well. The ipchains/iptables has all been disabled. Is there any other locations which I should pay attention? B. Regards, Santa