[syslog-ng] Log only one host

tokie at tiscali.it tokie at tiscali.it
Mon Dec 12 10:14:02 CET 2011


> Try using the netmask filter.

> filter f_host_a_b_c_d {
>  netmask("a.b.c.d/32");
>  };

Tks for the reply,
I tried, but it doesn't work!
More specifically:
I wish that all devices in my network log into a specific file on the syslog server.

Now all files log all devices!!
I have the same result in different files (100.log, 101.log, and so on).


Must I use iptables's match?? How??

tks
Tokie

p.s.: netmask("a.b.c.d/32") or netmask("a.b.c.d/255.255.255.255") ???

----Original message----
From: syslog-ng-request at lists.balabit.hu
Date: 10/12/2011 12.00
To: <syslog-ng at lists.balabit.hu>
Subject: syslog-ng Digest, Vol 80, Issue 15


Today's Topics:

   1. Re:  syslog-ng 3.3.3 repeatedly writes same message to local
      file when forwarding enabled (Dave Haywood)
   2. Re:  Log only one host (tokie at tiscali.it)
   3. Re:  Log to syslog file, filter from fifo (Balazs Scheidler)
   4.  [Bug 146] pdbtool match does not display tags
      (bugzilla at bugzilla.balabit.com)



----------------------------------------------------------------------


Message: 1
Date: Fri, 09 Dec 2011 11:22:24 +0000
From: Dave Haywood <tla at oak.selfip.net>
Subject: Re: [syslog-ng] syslog-ng 3.3.3 repeatedly writes same
	message to local file when forwarding enabled
To: Syslog-ng users' and developers' mailing list
	<syslog-ng at lists.balabit.hu>
Cc: Sandor Geller <Sandor.Geller at morganstanley.com>
Message-ID: <4EE1EF70.1060001 at oak.selfip.net>
Content-Type: text/plain; charset=ISO-8859-1

On 09/12/2011 09:53, Sandor Geller wrote:
> Sounds like messages sent to 192.168.0.7 are fed back to syslog-ng
> so there is a logging loop. Is this address local? If not, then there
> is a chance that the packet filter rule isn't correct.
  Thanks!  You were right, the issue was with the iptables rule.  I
was trying to capture traffic from localhost to port 514 and
redirect it to 1514 using NAT table OUTPUT.  I use this for testing
every facility / severity combination during install.  But I didn't
specify a destination host (of the local IP address); I only
specified the port.  This meant any traffic forwarded to a remote
host is redirected by iptables back to the localhost, causing a loop.

  Thanks for the help :)

>
> On Fri, Dec 9, 2011 at 10:34 AM, Dave Haywood <tla at oak.selfip.net> wrote:
>> Hi,
>>
>>  I have a problem with syslog-ng 3.3.3.  When I have forwarding enabled to a remote syslog server (via UDP) syslog-ng repeatedly writes the same message(s) to the log file and only stops when the disk is full.  Using tcpdump on the remote server, I don't see any data arrive from the syslog-ng server so forwarding is not working either.
>>
>>  When I remove the forwarding part of the config file the local file is written correctly (ie once).  If I remove the local file part from the config file and only enable the forwarding, I see syslog-ng take all the CPU time.  I never see any syslog messages arrive at the remote syslog server.
>>
>>  I tried:
>>        1) disabling IPv6 - no change
>>        2) running outside the chroot jail - no change
>>        3) running as userid root - no change
>>
>>  Does anyone have any idea what would cause this?  Debug info below.
>>
>>  The environment is:
>>
>> RedHat AS 4.8 (linux 2.6.9-89.ELsmp) on vmware ESXi 4.1.0
>>
>> All required software built and installed in /usr/local/ :
>>
>> eventlog_0.2.12.tar.gz
>> gettext-0.18.1.1.tar.gz
>> glib-2.29.90.tar.bz2
>> libdbi-0.8.4.tar.gz
>> libdbi-drivers-0.8.3.tar.gz
>> libffi-3.0.9.tar.gz
>> libnet-0.10.11.tar.gz
>> pkg-config-0.26.tar.gz
>> Python-2.7.2.tar.bz2
>> zlib-1.2.5.tar.bz2
>> syslog-ng_3.3.3.tar.gz
>>
>> syslog-ng is running chroot() in directory /data as user
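
A per-device layout built on the netmask filter quoted at the top of this message, as an added example that is not from the thread or from anyone's posted configuration. The source name s_net, the 192.0.2.x addresses, the filter and destination names, and the /var/log/hosts/ paths are assumptions; it shows both mask notations from the p.s. and a log path with and without a filter reference.

```conf
# Added example. s_net, the 192.0.2.x addresses (documentation range) and
# the file paths are assumptions, not values from the thread.
source s_net { udp(ip(0.0.0.0) port(514)); };

# One filter per device. netmask() compares the sender's IP address with
# the given address/mask; "/32" and "/255.255.255.255" both describe a
# mask that matches exactly one address.
filter f_host_100 { netmask("192.0.2.100/32"); };
filter f_host_101 { netmask("192.0.2.101/255.255.255.255"); };

destination d_100 { file("/var/log/hosts/100.log"); };
destination d_101 { file("/var/log/hosts/101.log"); };

# Defining a filter does nothing until a log path references it.
# These two paths have no filter(), so each file would receive the
# messages of every device that reaches s_net:
#   log { source(s_net); destination(d_100); };
#   log { source(s_net); destination(d_101); };

# With filter() in the path, each file receives only its own device.
log { source(s_net); filter(f_host_100); destination(d_100); };
log { source(s_net); filter(f_host_101); destination(d_101); };
```

netmask() is evaluated against the address the message arrived from, so a device whose logs pass through a relay is matched by the relay's address rather than its own.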

