[syslog-ng]iptables & syslog-ng

Nijs, Daniel NijsD@telergy.net
Wed, 29 Aug 2001 08:53:26 -0400


Hi Michael

That did indeed fix the problem, are you running 1.5.9?  Now I have to write
rules for two src's which could cause more overhead, so I would like to know
if this is a bug of some sort, or normal behavior.  Thanks for your help,
this really works well.

Best regards,

Daniel

-----Original Message-----
From: Michael Renner [mailto:robe@amd.co.at]
Sent: Tuesday, August 28, 2001 4:10 PM
To: 'syslog-ng@lists.balabit.hu'
Subject: Re: [syslog-ng]iptables & syslog-ng




On Tue, 28 Aug 2001, Nijs, Daniel wrote:

> Hello,
>
> I just set up an iptables based firewall on my syslog-ng host machine
> (redhat 7.1), but ran into a small problem.  When I run syslogd+klogd, I
> can see iptables generating the logfiles.  When I disable the standard
> syslog daemon, and run syslog-ng+klogd, I do not see the data I am looking
> for, it is almost like iptables isn't logging at all, but it has to, since
> it works with the normal syslogd.  I setup a generic rule, and a fallback,
> so everything should work.  When using the "logger" tool, and generating a
> fake entry, everything seems ok, so I assume this is an issue between
> kernel logging and syslog-ng.  I am running 1.5.9 (not the official
> release).  Any help would be appreciated.  Thanks

Hi Daniel!

It sounds like you have problems with your kernel logs... do you receive
any kernel messages at all? I dumped klogd altogether and am using the
following syslog-ng directive as source for my kernel messages:

---

source srck { pipe("/proc/kmsg"); };

---

It works w/o a flaw for me and makes the klogd obsolete, another
application which can't break  :)

greetz michael

Michael Renner
Inode Internet - Junior System Engineer


_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
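
Added example, not part of the original thread: a complete syslog-ng log path built around the `/proc/kmsg` source quoted above, showing that one `log` statement can reference two sources, so filters and destinations are written once. The names `s_local`, `f_iptables`, `d_iptables`, the file path, and the `IN=.*OUT=` pattern (fields printed by the iptables LOG target) are assumptions for illustration.

```conf
# Kernel messages read directly from the kernel ring buffer.
# klogd must be stopped: only one process should read /proc/kmsg,
# otherwise the two readers split the messages between them.
source srck { pipe("/proc/kmsg"); };

# Userspace messages (what "logger" writes to) plus syslog-ng's own messages.
# Name "s_local" is an assumption.
source s_local { unix-stream("/dev/log"); internal(); };

# Firewall lines: kernel facility, containing the IN=/OUT= interface fields
# that the iptables LOG target emits. Pattern is an assumption; adjust it
# to match any --log-prefix used in the rules.
filter f_iptables { facility(kern) and match("IN=.*OUT="); };

# Destination path is an assumption.
destination d_iptables { file("/var/log/iptables.log"); };
destination d_messages { file("/var/log/messages"); };

# Firewall log: only the kernel source is needed here.
log { source(srck); filter(f_iptables); destination(d_iptables); };

# General log: both sources in a single log statement, so the
# destination (and any filters) are not duplicated per source.
log { source(srck); source(s_local); destination(d_messages); };
```

If the firewall file stays empty, check that kernel lines arrive at all by pointing the second log path at a scratch file before suspecting the filter.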