[syslog-ng]Question....

Sami Saleh ssaleh@winstar.com
Thu, 7 Dec 2000 11:33:12 -0500


We got SYSLOG-NG to support this configuration if the local IP address of
the host unit was input.  However, it failed when we entered a remote
system.  Is it possible to use syslog-ng to accept data from specific hosts
and reject it from others?  If possible we'd like to use UDP to keep
overhead as low as possible.  The configuration below only accepted the
local host IP.

Thanks,

-----Original Message-----
From: syslog-ng-admin@lists.balabit.hu
[mailto:syslog-ng-admin@lists.balabit.hu]On Behalf Of Balazs Scheidler
Sent: Thursday, December 07, 2000 5:42 AM
To: syslog-ng@lists.balabit.hu
Subject: Re: [syslog-ng]Question....


> We're trying to configure syslog-ng to only accept logs from specific
> servers.  Here is the code we've implemented within syslog-ng.conf.
>
> options { long_hostnames(off); sync(0); };
> source src {
>         sun-streams("/dev/log" door("/etc/.syslog_door"));
>         internal();
>         udp(192.168.1.20,514);
> };
>
> However, we get the following error when we start the daemon:
>
> parse error at 5
> Parse error reading configuration file, exiting.

your udp declaration should be:

udp(ip(192.168.1.20) port(514))

514 is the default port.

> The objective is to only allow certain hosts to log to this server.  Any
> help would be appreciated.

packet filter?

--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
     url: http://www.balabit.hu/pgpkey.txt

_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng