[syslog-ng]Difficulty with source(net) on Solaris 8 [syslog-ng-1.5.9]

Ken Paris kparis@netstars.org
Mon, 17 Sep 2001 13:44:14 -0700 (MST)


Greetings,

I need assistance to configure syslog-ng to log external SYSLOG messages.

I have successfully compiled the development branch version 1.5.9 as well as 
libol-0.2.24 on my Solaris8 box.

I am running into the same problem with logging external syslog messages as I 
did with version 1.4.9a.

kparis@dv-netlog$ ps -aef | grep sysl
    root   203     1  0   Sep 14 ?        0:00 /usr/sbin/syslogd
    root 10614     1  0 12:23:51 ?        0:00 /usr/local/sbin/syslog-ng -
f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid

I can snoop the interface and see the SYSLOG packets arrive:

kparis@dv-netlog$ sudo snoop 172.16.3.254
Using device /dev/hme (promiscuous mode)
172.16.3.254 -> dv-netlog    SYSLOG C port=57636 <5>371: Sep 17 13:23

I can see the messages appear into the standard syslogd 
destination /var/adm/messages:

kparis@dv-netlog$ sudo tail -f /var/adm/messages
Sep 17 13:27:39 [172.16.3.254.225.36] 371: Sep 17 13:23:54: %SYS-5-CONFIG_I: 
Configured from console by kparis on vty0 (172.16.0.60)

Only local messages (such as sudo) appear in /var/log/default.

kparis@dv-netlog$ sudo tail -f /var/log/default
Sep 17 13:17:06 dv-netlog sudo: [ID 850335 local2.notice]   kparis : 
TTY=pts/4 ; PWD=/uhome/kparis ; USER=root ; COMMAND=/usr/sbin/snoop 172.16.3.254
Sep 17 13:27:28 dv-netlog sudo: [ID 850335 local2.notice]   kparis : 
TTY=pts/3 ; PWD=/usr/local/install ; USER=root ; 
COMMAND=/usr/bin/cat /var/run/syslog-ng.pid

No external soruced messages appear into this same log as would be expected.

My syslog-ng configuration file is as follows:
kparis@dv-netlog$ more /usr/local/etc/syslog-ng.conf
options { sync(0); keep_hostname(yes); chain_hostnames(no); log_fifo_size
(30000); };
source s_local { sun-streams("/dev/log" door("/etc/.syslog_door")); };
source s_int { internal(); };
source s_net_udp { udp(); };
destination d_local { file("/var/log/default"); };
destination d_int { file("/var/log/internal"); };
log { source(s_local); source(s_net_udp); destination(d_local); };
log { source(s_int); destination(d_int); };

I am seeing a difference with truss on the syslog-ng process in that I no 
longer see the recvfrom() entries.
kparis@dv-netlog$ sudo truss -p `sudo cat /var/run/syslog-ng.pid`

poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
poll(0xFFBEF5E8, 4, 60000)                      = 0
time()                                          = 1000758508
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0)       = 0
poll(0xFFBEF5E8, 4, 60000)                      = 1
getmsg(2, 0xFFBECCF0, 0xFFBECCE0, 0xFFBECCC4)   = 0
time()                                          = 1000758520
time()                                          = 1000758520
time()                                          = 1000758520
time()                                          = 1000758520
poll(0xFFBEF5E8, 4, 100)                        = 1
write(0, " S e p   1 7   1 3 : 2 8".., 151)     = 151
time()                                          = 1000758520
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) Err#62 ETIME
time()                                          = 1000758531
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0)       = 0
poll(0xFFBEF5E8, 4, 60000)                      = 1
getmsg(2, 0xFFBECCF0, 0xFFBECCE0, 0xFFBECCC4)   = 0
time()                                          = 1000758539
time()                                          = 1000758539
time()                                          = 1000758539
time()                                          = 1000758539
poll(0xFFBEF5E8, 4, 100)                        = 1
write(0, " S e p   1 7   1 3 : 2 8".., 139)     = 139
time()                                          = 1000758539
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0)       = 0
poll(0xFFBEF5E8, 4, 60000)                      = 1
getmsg(2, 0xFFBECCF0, 0xFFBECCE0, 0xFFBECCC4)   = 0
time()                                          = 1000758548
time()                                          = 1000758548
time()                                          = 1000758548
time()                                          = 1000758548
poll(0xFFBEF5E8, 4, 100)                        = 1
write(0, " S e p   1 7   1 3 : 2 9".., 150)     = 150
time()                                          = 1000758548
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
poll(0xFFBEF5E8, 4, 60000)                      = 0
time()                                          = 1000758609
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0)       = 0
poll(0xFFBEF5E8, 4, 60000)                      = 1
getmsg(2, 0xFFBECCF0, 0xFFBECCE0, 0xFFBECCC4)   = 0
time()                                          = 1000758668
time()                                          = 1000758668
time()                                          = 1000758668
time()                                          = 1000758668
poll(0xFFBEF5E8, 4, 100)                        = 1
write(0, " S e p   1 7   1 3 : 3 1".., 147)     = 147
time()                                          = 1000758668
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0)       = 0
poll(0xFFBEF5E8, 4, 60000)                      = 1
getmsg(2, 0xFFBECCF0, 0xFFBECCE0, 0xFFBECCC4)   = 0
time()                                          = 1000758683
time()                                          = 1000758683
time()                                          = 1000758683
time()                                          = 1000758683
poll(0xFFBEF5E8, 4, 100)                        = 1
write(0, " S e p   1 7   1 3 : 3 1".., 151)     = 151
time()                                          = 1000758683
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
poll(0xFFBEF5E8, 4, 60000)                      = 0
time()                                          = 1000758743
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
poll(0xFFBEF5E8, 4, 60000)                      = 0
time()                                          = 1000758803
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) Err#62 ETIME
time()                                          = 1000758831
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
poll(0xFFBEF5E8, 4, 60000)                      = 0
time()                                          = 1000758863
poll(0xFFBEF5E8, 4, 100)                        = 0
poll(0xFFBEF5E8, 4, 60000)      (sleeping...)
signotifywait()                 (sleeping...)
lwp_cond_wait(0xFF0F55C8, 0xFF0F55D8, 0xFF1D5C48) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)
door_return(0x00000000, 0, 0x00000000, 0) (sleeping...)