Hi, We use syslog-ng to log messages from our Linux PC to one or more Windows NT PCs running a propriatary tool to display and maintain log and statistics information of a Linux app. Approx every second a log message is sent using UDP. Unfortunately, if the NT log application is not running, the NT box returns an ICMP message, stating that the chosen UDP port number is not listened to. Then syslog-ng pauses sending UDP logs, and retries after 60 seconds. It also logs a message stating that the UDP connection was broken. (which isn't true because UDP doesn't create connections) If succesfull, it then sends all (?) accumulated log messages at once. If our NT app starts immediately after syslog-ng paused, we don't receive any logging for 59 seconds... This is unwanted behaviour for our system. I know that I can have syslog-ng retry more often, but I don't want retries. Every UDP packet should "just disappear" if not delivered, and every packet should be sent anyway, thus having "below second" responsetime. (This is what happens if NT didn't return those darn ICMP messages). How should I proceed? -- Groetjes, Klaas --------------------------------------------------------------------- Philips CryptoWorks 040-2722600 klaas.vangend@philips.com Sioux Technische Software Ontwikkeling BV 040-2677100 klaas.van.gend@sioux.nl