# syslog hosting is not working?



## ipfreak (Mar 7, 2021)

hello guys:

i am trying to use the server as an offline syslog server for my home gateway router but it is not working. the home gateway router is xxx.xxx.xxx.1.

---- udp port 514 is open

```
user@server:~:$ sudo netstat -na
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)    
tcp4       0      0 xxx.xxx.xxx.xxx.22     xxx.xxx.xxx.50.60806     ESTABLISHED
tcp4       0      0 *.22                 *.*                    LISTEN     
tcp6       0      0 *.22                 *.*                    LISTEN     
tcp4       0      0 127.0.0.1.53           *.*                    LISTEN     
tcp6       0      0 ::1.53                 *.*                    LISTEN     
udp4       0      0 *.514                  *.*                    
udp6       0      0 *.514                  *.*                    
udp4       0      0 127.0.0.1.53           *.*                    
udp6       0      0 ::1.53                 *.*  

Starting Nmap 7.91 ( [URL]https://nmap.org[/URL] ) at 2021-03-07 14:34 EST
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.0051s latency).
Not shown: 999 closed ports
PORT    STATE         SERVICE
514/udp open|filtered syslog
MAC Address: xx:xx:xx:xx:xx:xxx (Foxconn)

Nmap done: 1 IP address (1 host up) scanned in 16.99 seconds
```
---- settings in rc.conf

```
syslogd_enable="YES"
syslogd_flags="-s -a xxx.xxx.xxx.1 -vv"
```
---- per freebsd handbook, https://docs.freebsd.org/doc/7.4-RELEASE/usr/share/doc/handbook/network-syslogd.html, i have following settings:

```
+xxx.xxx.xxx.1
*.*                                             /var/log/logclient.log
```
---- from tcpdump:

```
14:51:38.327222 IP xxx.xxx.xxx.1.syslog > xxx.xxx.xxx.xxx.syslog: SYSLOG daemon.info, length: 14
```
---- but nothing logged:

```
-rw-r--r--  1 root  wheel  0 Mar  3 18:01 /var/log/logclient.log
```
thanks

_dave


----------



## SirDice (Mar 7, 2021)

ipfreak said:


> per freebsd handbook, https://docs.freebsd.org/doc/7.4-RELEASE/usr/share/doc/handbook/network-syslogd.html,


That's an 8 year old version of the handbook. Things change.



ipfreak said:


> ```
> syslogd_flags="-s -a xxx.xxx.xxx.1 -vv"
> ```


Read syslogd(8):

```
-s      Operate in secure mode.  Do not log messages from remote
             machines.  If specified twice, no network socket will be opened
             at all, which also disables logging to remote machines.
```


----------



## ipfreak (Mar 7, 2021)

SirDice said:


> That's an 8 year old version of the handbook. Things change.
> 
> 
> Read syslogd(8):
> ...


thanks. i did try without "-s" but made no differences.


SirDice said:


> That's an 8 year old version of the handbook. Things change.
> 
> 
> Read syslogd(8):
> ...



thanks. it worked. sorry for the misinformation.


----------

