Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

syslog by remote ip



I've finally set my router to log to syslog (on by debian potato). It
was logging to three files under /var/log (user.log, messages, syslog)
so I changed from [1] to [2], to have it just go to user.log. Did I
break anything? The router messages now only go to user.log as desired.

What I'd really like to do is have all router messages logged to it's
own file, but I can't work out how; they look like this, but I can't see
how to filter based on any of these fields (211.123.38.193 is the
router's address). [3]
  Jan 22 21:24:40 211.123.38.193 IP#2: tx filtered UDP from
211.123.38.193/520 to 0.0.0.0/520

Darren


[1]:
*.*;auth,authpriv.none          -/var/log/syslog
user.*                          -/var/log/user.log
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages


[2]:
*.*;auth,authpriv.none;!user.notice             -/var/log/syslog
user.*                          -/var/log/user.log
*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none;!user.notice             -/var/log/messages


[3]: As a side question, it's a MN-128-SOHO, and the rule that seems to
be constantly catching is:
   ip filter 32 reject out * * udp route route remote 0

Should I add something like this to allow whatever it is the router is
wanting to do?
   ip filter 31 pass out 211.123.38.193 0.0.0.0 udp route route remote 0

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links