[syslog-ng] RES: RES: Problem to Get UDP Packets - Syslog-ng

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Mar 25 18:46:42 UTC 2020


On 25.03.20 18:29, William Luiz Ribeiro Vasconcelos Da Silva wrote:
>The IP from mgalnxa01 is 10.96.145.42

I then have explained it in my first post to this thread.
https://lists.balabit.hu/pipermail/syslog-ng/2020-March/025798.html

>This its example from tcpdump
>
>/usr/sbin/tcpdump -vn port 9514 -i eth1
>
>tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes
>14:11:19.670962 IP (tos 0x20, ttl 251, id 16868, offset 0, flags [none], proto UDP (17), length 244)
>    10.96.145.98.syslog > 10.96.145.42.9514: SYSLOG, length: 216

these packets come from port 514 on 10.96.145.98, to port 9514 on your
machine 10.96.145.42.

Your machine's syslog listens on port 514 (10.96.145.42:514)
so it won't see packets that are coming to port 9514.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you to install Windows.   -- Matthew D. Fuller


More information about the syslog-ng mailing list