Hello Davind, David Mallwitz wrote:
Micha, Since you are using private IP addressing space, and you don't indicate that you have a DNS set up to resolve the xenia and kaliba names it may be better for you to try something like:
filter xenia { host("192.168.1.2"); };
sorry that i do not mention it. I am using djbdns as DNS Server. The filter statement "filter f_xenia { match("xenia"); };" should catch syslog messages like this: Feb 24 15:57:08 xenia EoChn: IN=ppp0 OUT= MAC= SRC=217.126.110.12 \ DST=217.227.156.180 LEN=46 TOS=0x00 PREC=0x00 TTL=115 ID=44191 \ PROTO=UDP SPT=1260 DPT=4665 LEN=26 It was not intend to catch the host primary. Just match the string xenia in the correspondig syslog message. Is (from this point of view) my filter statement right? Best regards, Micha Holzmann -- rm -rf; remote mail; real fast.