[ previous ] [ next ] [ threads ]
 
 From:  "Magne Andreassen" <magne dot andreassen at bluezone dot no>
 To:  "Fady Makar" <fady dot makar at mapds dot com dot au>
 Cc:  "M0n0Wall" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] System Logging in cdrom-pb15r486.iso
 Date:  Fri, 5 Sep 2003 11:50:49 +0200
> Thanks for your reply but I am still not sure what to do, do you mean edit
> the config.xml from the floppy and add that line into or do I create a
> folder on the remote server called syslogd...
>
No, you dont have to edit the config.xml file.

on m0n0wall: you dont have to do anything else than provide the ip-adress of
the remote-server, and click the logs you want to remotelog.

on remote-server: run commands that are quoted, eg: 'man syslogd' vil give
you
some information on how to setup syslogd.

Running this commands on the remote-server:
'kill -KILL <pid of syslogd>'
and:
'syslogd -a <ipaddr of m0n0wall>/<masklen>'

..vil make syslogd accept datagrams from m0n0wall, taken you have provided
the correct ip-address and masklen.

eg: 'syslogd -a 192.168.1.1/24'

Magne

>
> Thanks
>
> Fady
>
> -----Original Message-----
> From: Magne Andreassen [mailto:magne dot andreassen at bluezone dot no]
> Sent: Friday, 5 September 2003 9:43 AM
> To: Fady Makar
> Cc: M0n0Wall
> Subject: RE: [m0n0wall] System Logging in cdrom-pb15r486.iso
>
>
> > I have noticed that under the system logging option in the new
> release of
> > M0n0Wall that it displays the following:
> >
> > Note:
> > syslog sends UDP datagrams to port 514 on the specified remote syslog
> > server. Be sure to set syslogd on the remote server to accept syslog
> > messages from m0n0wall.
> >
> >
> > Basically I need to know apart from ticking all options in that
> > screen under
> > the logging and providing the IP address of the remote logging
> server what
> > else do I need to do in order to get the logs to the remote server...
> >
> on remote syslogd server: setup syslogd and make it accept
> datagrams from m0n0wall. see 'man syslogd'
>
> i guess something like this would do the trick:
> 'syslogd -a <ipaddr of m0n0wall>/<masklen>'
>
> don't use the -s or -ss parameters when starting syslogd as this will
> prevent
> it from opening any network sockets.
>
>
> Magne
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>