[syslog-ng]iptables & syslog-ng

[Michael Renner]

On Tue, 28 Aug 2001, Nijs, Daniel wrote:

> Hello,
>
> I just set up an iptables based firewall on my syslog-ng host machine
> (redhat 7.1), but ran into a small problem.  When I run syslogd+klogd, I can
> see iptables generating the logfiles.  When I disable the standard syslog
> daemon, and run syslog-ng+klogd, I do not see the data I am looking for, it
> is almost like iptables isn't logging at all, but it has to, since it works
> with the normal syslogd.  I setup a generic rule, and a fallback, so
> everything should work.  When using the "logger" tool, and generating a fake
> entry, everything seems ok, so I assume this is an issue between kernel
> logging and syslog-ng.  I am running 1.5.9 (not the official release).  Any
> help would be appreciated.  Thanks

Hi Daniel!

It sounds like you have problems with your kernel-logs... do you receive
any kernel messages at all? i dumped klogd at all and using the following
syslog-ng-directive as source for my kernel messages:

---

source srck { pipe("/proc/kmsg"); };

---

It works w/o a flaw for me and makes the klogd obsolete, another
application which can't break  :)

greetz michael

Michael Renner
Inode Internet - Junior System Engineer