[syslog-ng] 1.5.19 patch for hostname and hpux pipe
Ron Braley
braley@aero.und.edu
Fri, 26 Jul 2002 15:11:10 -0500
Hi bazi.
We're having a problem with syslog-ng 1.5. It appears to be truncating
our iptables firewall logs.
The following shows good logs as viewed through dmesg, and actual log
entries as processed by syslog-ng:
*** Good (dmesg):
IPTABLES TCP-IN: IN=eth1 OUT=
MAC=00:03:47:4e:32:44:08:00:20:a7:53:e9:08:00
SRC=134.129.212.23 DST=134.129.212.30 LEN=48 TOS=0x00 PREC=0x00 TTL=64
ID=64525 DF
PROTO=TCP SPT=36788 DPT=53 WINDOW=24820 RES=0x00 SYN URGP=0
IPTABLES UDP-IN: IN=eth1 OUT=
MAC=00:03:47:4e:32:44:00:05:01:fb:e3:fc:08:00
SRC=134.129.214.80 DST=134.129.212.30 LEN=239 TOS=0x00 PREC=0x00
TTL=127 ID=21813
PROTO=UDP SPT=138 DPT=138 LEN=219
*** Bad (syslog [/var/log/kern]):
Jul 25 16:16:12 smack IPTABLES TCP-IN: IN=eth1 OUT=
MAC=00:03:47:4e:32:44:00:a0:c9:a9:b2:6c:08:00
SRC=134.129.212.33 DST=134.129.212.30 LEN=60 TOS=0x00
PREC=0x03NDOW=5840
Jul 25 16:16:13 smack IPTABLES UDP-IN: IN=eth1 OUT=
MAC=00:03:47:4e:32:44:00:05:01:fECP1389
Jul 25 16:16:13 smack IPTABLES UDP-IN: IN=eth1 OUT=
MAC=00:03:47:4e:32:44:00:05:01:fb3::0
SRC=134.12920.134 DST=134.129.212.0 LEN=78 TOS=0x00
PREC=0xTTL=1272ROTO=UDP SPT=137 DPT=137N=58
Can you help, please?
Thanks!
rb
Ron Braley
Network Team Leader - CCNP
Systems Team Leader - MCSE, CNE
University of North Dakota (Aerospace College)
braley@aero.und.edu
701-777-2964 (work) / 2940 (fax)