From ler@lerctr.org  Sat Oct 29 02:18:29 2011
Return-Path: <ler@lerctr.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A7D67106566B
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 29 Oct 2011 02:18:29 +0000 (UTC)
	(envelope-from ler@lerctr.org)
Received: from thebighonker.lerctr.org (lrosenman-1-pt.tunnel.tserv8.dal1.ipv6.he.net [IPv6:2001:470:1f0e:3ad::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 39B768FC14
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 29 Oct 2011 02:18:29 +0000 (UTC)
Received: from cpe-72-182-3-73.austin.res.rr.com ([72.182.3.73]:60607 helo=borg.lerctr.org)
	by thebighonker.lerctr.org with esmtpsa (TLSv1:AES256-SHA:256)
	(Exim 4.77 (FreeBSD))
	(envelope-from <ler@lerctr.org>)
	id 1RJyV6-000MBA-9u
	for FreeBSD-gnats-submit@freebsd.org; Fri, 28 Oct 2011 21:18:28 -0500
Received: from ler by borg.lerctr.org with local (Exim 4.77 (FreeBSD))
	(envelope-from <ler@lerctr.org>)
	id 1RJyV5-000ICn-NK
	for FreeBSD-gnats-submit@freebsd.org; Fri, 28 Oct 2011 21:18:23 -0500
Message-Id: <E1RJyV5-000ICn-NK@borg.lerctr.org>
Date: Fri, 28 Oct 2011 21:18:23 -0500
From: Larry Rosenman <ler@lerctr.org>
Reply-To: Larry Rosenman <ler@lerctr.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: remote syslog not logging
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         162135
>Category:       bin
>Synopsis:       remote syslog not logging
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    dougb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Oct 29 02:20:06 UTC 2011
>Closed-Date:    Sat Oct 29 02:39:36 UTC 2011
>Last-Modified:  Sat Oct 29 11:17:32 UTC 2011
>Originator:     Larry Rosenman
>Release:        FreeBSD 10.0-CURRENT amd64
>Organization:
LERCTR Consulting
>Environment:
System: FreeBSD borg.lerctr.org 10.0-CURRENT FreeBSD 10.0-CURRENT #5: Mon Oct 24 04:15:57 CDT 2011 root@borg.lerctr.org:/usr/obj/usr/src/sys/BORG-DTRACE amd64


	
>Description:
Why doesn't syslogd log these messages?

This is from my Cable Modem:
# tcpdump -vv -s 1500 host 192.168.200.10 and port 514
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 1500 bytes
21:14:21.915542 IP (tos 0x0, ttl 64, id 36817, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.bbn-mmx > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3230 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:21.916790 IP (tos 0x0, ttl 64, id 36818, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.sbook > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3230 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:21.917914 IP (tos 0x0, ttl 64, id 36819, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.editbench > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3230 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:22.665629 IP (tos 0x0, ttl 64, id 36820, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.equationbuilder > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3230 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:22.666755 IP (tos 0x0, ttl 64, id 36821, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.lotusnote > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3230 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:22.667880 IP (tos 0x0, ttl 64, id 36822, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.relief > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:20 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3230 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:23.428957 IP (tos 0x0, ttl 64, id 36823, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.rightbrain > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:21 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3231 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:23.430206 IP (tos 0x0, ttl 64, id 36824, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.intuitive-edge > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:21 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3231 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
21:14:23.431580 IP (tos 0x0, ttl 64, id 36825, offset 0, flags [none], proto UDP (17), length 176)
    192.168.200.10.cuillamartin > borg.syslog: [udp sum ok] SYSLOG, length: 148
        Facility local0 (16), Severity alert (1)
        Msg: Oct 29 02:14:21 2011 SYSLOG[0]: [Host 192.168.200.10] UDP 192.168.200.108,137 --> 192.168.200.255,137 DENY: Inbound or outbound access request
        0x0000:  3c31 3239 3e4f 6374 2032 3920 3032 3a31
        0x0010:  343a 3231 2032 3031 3120 5359 534c 4f47
        0x0020:  5b30 5d3a 205b 486f 7374 2031 3932 2e31
        0x0030:  3638 2e32 3030 2e31 305d 2055 4450 2031
        0x0040:  3932 2e31 3638 2e32 3030 2e31 3038 2c31
        0x0050:  3337 202d 2d3e 2031 3932 2e31 3638 2e32
        0x0060:  3030 2e32 3535 2c31 3337 2044 454e 593a
        0x0070:  2049 6e62 6f75 6e64 206f 7220 6f75 7462
        0x0080:  6f75 6e64 2061 6363 6573 7320 7265 7175
        0x0090:  6573 7420
^C
9 packets captured
72 packets received by filter
0 packets dropped by kernel


The syslog flags:

syslogd_flags="-n -a 192.168.200.10 -a 192.168.200.0/24"

And /etc/syslog.conf:

# $FreeBSD: src/etc/syslog.conf,v 1.30 2009/06/11 15:07:02 avg Exp $
#
#	Spaces ARE valid field separators in this file. However,
#	other *nix-like systems still insist on using tabs as field
#	separators. If you are sharing this file between systems, you
#	may want to use only tabs as field separators here.
#	Consult the syslog.conf(5) manpage.
*.err;kern.warning;auth.notice;mail.crit;local0.alert		/dev/console
*.info;authpriv.none;kern.debug;lpr.info;mail.crit;news.err;local0.*	/var/log/messages
security.*					/var/log/security
auth.info;authpriv.info				/var/log/auth.log
mail.info					/var/log/maillog
lpr.info					/var/log/lpd-errs
ftp.info					/var/log/xferlog
cron.*						/var/log/cron
*.=debug					/var/log/debug.log
*.emerg						*
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info					/var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
*.*						/var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.*						@loghost
# uncomment these if you're running inn
# news.crit					/var/log/news/news.crit
# news.err					/var/log/news/news.err
# news.notice					/var/log/news/news.notice
!ppp
*.*						/var/log/ppp.log
!*


Tail of /var/log/messages:

Oct 28 16:01:41 borg sshd[67672]: Accepted publickey for ler from 32.97.110.60 port 25947 ssh2
Oct 28 16:02:03 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/usr/bin/tail /var/log/all.log
Oct 28 16:02:10 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/usr/bin/tail -f /var/log/all.log
Oct 28 16:02:24 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/usr/bin/grep 192.168.200 /var/log/all.log
Oct 28 16:05:00 borg /usr/sbin/cron[67703]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:10:00 borg /usr/sbin/cron[67730]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 65 to 64
Oct 28 16:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 194 Temperature_Celsius changed from 35 to 36
Oct 28 16:11:00 borg /usr/sbin/cron[67738]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:15:00 borg /usr/sbin/cron[67770]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:16:37 borg ntpd[1296]: synchronized to 199.4.29.166, stratum 2
Oct 28 16:20:00 borg /usr/sbin/cron[67797]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:22:00 borg /usr/sbin/cron[67809]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:25:00 borg /usr/sbin/cron[67836]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:30:00 borg /usr/sbin/cron[67863]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:33:00 borg /usr/sbin/cron[67880]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:35:00 borg /usr/sbin/cron[67902]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:40:00 borg /usr/sbin/cron[67929]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:44:00 borg /usr/sbin/cron[67952]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:45:00 borg /usr/sbin/cron[67969]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:50:00 borg /usr/sbin/cron[67996]: (root) CMD (/usr/libexec/atrun)
Oct 28 16:55:00 borg /usr/sbin/cron[68025]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 16:55:00 borg /usr/sbin/cron[68024]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:00:00 borg /usr/sbin/cron[68064]: (root) CMD (newsyslog)
Oct 28 17:00:00 borg /usr/sbin/cron[68065]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:00:00 borg /usr/sbin/cron[68066]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:05:00 borg /usr/sbin/cron[68103]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:08:41 borg ntpd[1296]: synchronized to 63.211.239.58, stratum 2
Oct 28 17:10:00 borg /usr/sbin/cron[68130]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 62
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 38
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 64 to 63
Oct 28 17:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 36 to 37
Oct 28 17:11:00 borg /usr/sbin/cron[68138]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:15:00 borg /usr/sbin/cron[68170]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:20:00 borg /usr/sbin/cron[68197]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:22:00 borg /usr/sbin/cron[68209]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:25:00 borg /usr/sbin/cron[68236]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:30:00 borg /usr/sbin/cron[68263]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:33:00 borg /usr/sbin/cron[68280]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:35:00 borg /usr/sbin/cron[68302]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:40:00 borg /usr/sbin/cron[68329]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:40:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 62 to 63
Oct 28 17:40:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 38 to 37
Oct 28 17:44:00 borg /usr/sbin/cron[68352]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:45:00 borg /usr/sbin/cron[68369]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:50:00 borg /usr/sbin/cron[68396]: (root) CMD (/usr/libexec/atrun)
Oct 28 17:55:00 borg /usr/sbin/cron[68424]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 17:55:00 borg /usr/sbin/cron[68425]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:00:00 borg /usr/sbin/cron[68464]: (root) CMD (newsyslog)
Oct 28 18:00:00 borg /usr/sbin/cron[68465]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:00:00 borg /usr/sbin/cron[68466]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:05:00 borg /usr/sbin/cron[68503]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:10:00 borg /usr/sbin/cron[68530]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:11:00 borg /usr/sbin/cron[68538]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:15:00 borg /usr/sbin/cron[68570]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:20:00 borg /usr/sbin/cron[68597]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:22:00 borg /usr/sbin/cron[68609]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:25:00 borg /usr/sbin/cron[68636]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:30:00 borg /usr/sbin/cron[68663]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:33:00 borg /usr/sbin/cron[68680]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:35:00 borg /usr/sbin/cron[68702]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:40:00 borg /usr/sbin/cron[68729]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:40:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 64
Oct 28 18:40:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 36
Oct 28 18:42:02 borg ntpd[1296]: synchronized to 199.4.29.166, stratum 2
Oct 28 18:44:00 borg /usr/sbin/cron[68752]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:45:00 borg /usr/sbin/cron[68769]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:45:49 borg sshd[68774]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:51 borg sshd[68776]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:52 borg sshd[68778]: Invalid user shit from 121.207.230.69
Oct 28 18:45:52 borg sshd[68778]: input_userauth_request: invalid user shit [preauth]
Oct 28 18:45:53 borg sshd[68778]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:55 borg sshd[68780]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:57 borg sshd[68783]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:45:59 borg sshd[68785]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:01 borg sshd[68787]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:03 borg sshd[68789]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:05 borg sshd[68791]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:07 borg sshd[68793]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:09 borg sshd[68795]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:11 borg sshd[68797]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:12 borg sshd[68799]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:14 borg sshd[68802]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:16 borg sshd[68805]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:18 borg sshd[68807]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:20 borg sshd[68809]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:22 borg sshd[68811]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:24 borg sshd[68813]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:26 borg sshd[68815]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:28 borg sshd[68817]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:30 borg sshd[68819]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:32 borg sshd[68821]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:34 borg sshd[68823]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:36 borg sshd[68826]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:38 borg sshd[68828]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:40 borg sshd[68830]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:42 borg sshd[68832]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:44 borg sshd[68835]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:44 borg sshd[68835]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:44 borg sshd[68835]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:46 borg sshd[68837]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:46 borg sshd[68837]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:46 borg sshd[68837]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:48 borg sshd[68839]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:48 borg sshd[68839]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:48 borg sshd[68839]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:50 borg sshd[68841]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:50 borg sshd[68841]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:50 borg sshd[68841]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:52 borg sshd[68843]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:52 borg sshd[68843]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:52 borg sshd[68843]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:54 borg sshd[68845]: Invalid user oracle from 121.207.230.69
Oct 28 18:46:54 borg sshd[68845]: input_userauth_request: invalid user oracle [preauth]
Oct 28 18:46:54 borg sshd[68845]: Received disconnect from 121.207.230.69: 11: Bye Bye [preauth]
Oct 28 18:46:54 borg sshd[68847]: refused connect from 121.207.230.69 (121.207.230.69)
Oct 28 18:50:00 borg /usr/sbin/cron[68865]: (root) CMD (/usr/libexec/atrun)
Oct 28 18:55:00 borg /usr/sbin/cron[68893]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 18:55:00 borg /usr/sbin/cron[68894]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:00:00 borg /usr/sbin/cron[68934]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:00:00 borg /usr/sbin/cron[68933]: (root) CMD (newsyslog)
Oct 28 19:00:00 borg /usr/sbin/cron[68935]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:05:00 borg /usr/sbin/cron[68972]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:10:00 borg /usr/sbin/cron[68999]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 64 to 65
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 194 Temperature_Celsius changed from 36 to 35
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 64 to 63
Oct 28 19:10:29 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 36 to 37
Oct 28 19:11:00 borg /usr/sbin/cron[69007]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:15:00 borg /usr/sbin/cron[69039]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:20:00 borg /usr/sbin/cron[69066]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:22:00 borg /usr/sbin/cron[69078]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:25:00 borg /usr/sbin/cron[69105]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:30:00 borg /usr/sbin/cron[69132]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:33:00 borg /usr/sbin/cron[69149]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:35:00 borg /usr/sbin/cron[69171]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:40:00 borg /usr/sbin/cron[69198]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:40:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 65 to 64
Oct 28 19:40:29 borg smartd[1341]: Device: /dev/ada0, SMART Usage Attribute: 194 Temperature_Celsius changed from 35 to 36
Oct 28 19:44:00 borg /usr/sbin/cron[69221]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:45:00 borg /usr/sbin/cron[69238]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:50:00 borg /usr/sbin/cron[69271]: (root) CMD (/usr/libexec/atrun)
Oct 28 19:55:00 borg /usr/sbin/cron[69302]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 19:55:00 borg /usr/sbin/cron[69303]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:00:00 borg /usr/sbin/cron[69343]: (root) CMD (newsyslog)
Oct 28 20:00:00 borg /usr/sbin/cron[69342]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:00:00 borg /usr/sbin/cron[69344]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:05:00 borg /usr/sbin/cron[69381]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:08:37 borg kernel: arp: 192.168.200.10 moved from 2c:9e:5f:f8:d9:a3 to d8:b3:77:f1:b2:61 on em0
Oct 28 20:10:00 borg /usr/sbin/cron[69408]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 62
Oct 28 20:10:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 38
Oct 28 20:11:00 borg /usr/sbin/cron[69416]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:12:25 borg kernel: arp: 192.168.200.10 moved from d8:b3:77:f1:b2:61 to 2c:9e:5f:f8:d9:a3 on em0
Oct 28 20:15:00 borg /usr/sbin/cron[69451]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:20:00 borg /usr/sbin/cron[69478]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:22:00 borg /usr/sbin/cron[69490]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:25:00 borg /usr/sbin/cron[69517]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:30:00 borg /usr/sbin/cron[69544]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:33:00 borg /usr/sbin/cron[69561]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:33:29 borg ntpd[1296]: synchronized to 63.211.239.58, stratum 2
Oct 28 20:33:35 borg sshd[69574]: Accepted publickey for ler from 192.168.200.103 port 51503 ssh2
Oct 28 20:33:39 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 20:35:00 borg /usr/sbin/cron[69593]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:40:00 borg /usr/sbin/cron[81187]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:40:29 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 62 to 63
Oct 28 20:44:00 borg /usr/sbin/cron[97243]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:45:00 borg /usr/sbin/cron[98575]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:50:00 borg /usr/sbin/cron[98602]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:55:00 borg /usr/sbin/cron[98640]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 20:55:00 borg /usr/sbin/cron[98641]: (root) CMD (/usr/libexec/atrun)
Oct 28 20:55:37 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 21:00:00 borg /usr/sbin/cron[22210]: (root) CMD (newsyslog)
Oct 28 21:00:00 borg /usr/sbin/cron[22211]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 21:00:00 borg /usr/sbin/cron[22212]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:05:00 borg /usr/sbin/cron[49378]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:10:00 borg /usr/sbin/cron[66044]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada2, SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 63 to 64
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 62 to 63
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada3, SMART Usage Attribute: 194 Temperature_Celsius changed from 38 to 37
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 190 Airflow_Temperature_Cel changed from 63 to 64
Oct 28 21:10:30 borg smartd[1341]: Device: /dev/ada4, SMART Usage Attribute: 194 Temperature_Celsius changed from 37 to 36
Oct 28 21:11:00 borg /usr/sbin/cron[66745]: (operator) CMD (/usr/libexec/save-entropy)
Oct 28 21:11:54 borg postgres[1374]: [2-1] LOG:  received fast shutdown request
Oct 28 21:11:54 borg postgres[1374]: [3-1] LOG:  aborting any active transactions
Oct 28 21:11:54 borg postgres[1380]: [2-1] LOG:  autovacuum launcher shutting down
Oct 28 21:11:54 borg postgres[1378]: [1-1] LOG:  shutting down
Oct 28 21:11:54 borg postgres[1378]: [2-1] LOG:  database system is shut down
Oct 28 21:11:55 borg postgres[69862]: [1-1] LOG:  database system was shut down at 2011-10-28 21:11:54 CDT
Oct 28 21:11:55 borg postgres[69861]: [1-1] LOG:  database system is ready to accept connections
Oct 28 21:11:55 borg postgres[69865]: [1-1] LOG:  autovacuum launcher started
Oct 28 21:12:34 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 21:13:28 borg sudo:      ler : TTY=pts/0 ; PWD=/home/ler ; USER=root ; COMMAND=/bin/sh
Oct 28 21:13:56 borg kernel: em0: promiscuous mode enabled
Oct 28 21:13:56 borg kernel: em0: promiscuous mode disabled
Oct 28 21:14:14 borg kernel: em0: promiscuous mode enabled
Oct 28 21:14:26 borg kernel: em0: promiscuous mode disabled
Oct 28 21:15:00 borg /usr/sbin/cron[69944]: (root) CMD (/usr/libexec/atrun)
Oct 28 21:16:12 borg ntpd[1296]: synchronized to 199.4.29.166, stratum 2
>How-To-Repeat:
Set up syslog as above, and enable remote logging, and note no logging
>Fix:
unknown

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: dougb 
State-Changed-When: Sat Oct 29 02:36:36 UTC 2011 
State-Changed-Why:  

This is something that needs to be reported on a mailing list first, probably 
freebsd-questions@FreeBSD.org. If you don't get a resolution there, then try 
freebsd-current@FreeBSD.org.  

Meanwhile, make sure that syslogd on the receiving host has not been started 
with any -s options. 

hope this helps, 

Doug 


Responsible-Changed-From-To: freebsd-bugs->dougb 
Responsible-Changed-By: dougb 
Responsible-Changed-When: Sat Oct 29 02:36:36 UTC 2011 
Responsible-Changed-Why:  

I closed it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=162135 

From: Larry Rosenman <ler@lerctr.org>
To: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org, 
    dougb@FreeBSD.org
Cc:  
Subject: Re: bin/162135: remote syslog not logging
Date: Fri, 28 Oct 2011 21:59:54 -0500 (CDT)

 Since Doug Barton doesn't believe that the syslogd is running with the 
 options, here's a ps to show that it is:
 
 
 root     65128   0.0  0.0  12216   1552 ??  Ss   10:02AM     0:01.17 /usr/sbin/syslogd -n -a 192.168.200.10 -a 192.168.200.0/24
 ler      70268   0.0  0.0  14680   1608  0  S+    9:58PM     0:00.00 sh -c ps auxw|grep syslogd
 ler      70270   0.0  0.0  16460   1352  0  S+    9:58PM     0:00.00 grep syslogd
 
 And in answer to Doug's point that the -a options are redundant, I know that
 but I did it as a debugging set.
 
 I think this proves that there is a PROBLEM in the code, and the PR should
 be reopened.
 
 I object STRONGLY to the closure of this PR.
 
 
 
 -- 
 Larry Rosenman                     http://www.lerctr.org/~ler
 Phone: +1 512-248-2683                 E-Mail: ler@lerctr.org
 US Mail: 430 Valona Loop, Round Rock, TX 78681-3893

From: Stanislav Sedov <stas@FreeBSD.org>
To: Larry Rosenman <ler@lerctr.org>
Cc: FreeBSD PR followup <bug-followup@FreeBSD.org>
Subject: Re: bin/162135: remote syslog not logging
Date: Fri, 28 Oct 2011 20:16:14 -0700

 Hi!
 
 I think there's a problem with you configuration.
 For syslogd server to accept messages from the remote host you need to
 specify hosts you allow to accept messages from via "-a" command line
 arguments:
 
 %      -a allowed_peer
 %              Allow allowed_peer to log to this syslogd using UDP datagrams.
 %              Multiple -a options may be specified.
 % 
 %              The allowed_peer option may be any of the following:
 % 
 %              ipaddr/masklen[:service]    Accept datagrams from ipaddr (in the
 %                                          usual dotted quad notation) with
 %                                          masklen bits being taken into account
 %                                          when doing the address comparison.
 %                                          ipaddr can be also IPv6 address by
 %                                          enclosing the address with `[' and
 %                                          `]'.  If specified, service is the
 %                                          name or number of an UDP service (see
 %                                          services(5)) the source packet must
 %                                          belong to.  A service of `*' allows
 %                                          packets being sent from any UDP port.
 %                                          The default service is `syslog'.  If
 %                                          ipaddr is IPv4 address, a missing
 %                                          masklen will be substituted by the
 %                                          historic class A or class B netmasks
 %                                          if ipaddr belongs into the address
 %                                          range of class A or B, respectively,
 %                                          or by 24 otherwise.  If ipaddr is
 %                                          IPv6 address, a missing masklen will
 %                                          be substituted by 128.
 
 Please, note, that here the default service is 'syslog', so syslogd
 won't accept any packets coming from ports != syslogd unless the service
 is specified.  In you tcpdump output packets are coming from the port
 1349, and since you didn't specified the service in the syslogd command
 line arguments these messages won't be accepted.
 
 I'm not sure, but maybe running syslogd in debug mode will actually show
 messages confirming this.
 
 -- 
 Stanislav Sedov
 ST4096-RIPE
 
 ()  ascii ribbon campaign - against html e-mail 
 /\  www.asciiribbon.org   - against proprietary attachments

From: Larry Rosenman <ler@lerctr.org>
To: Stanislav Sedov <stas@FreeBSD.org>
Cc: FreeBSD PR followup <bug-followup@FreeBSD.org>
Subject: Re: bin/162135: remote syslog not logging
Date: Fri, 28 Oct 2011 22:20:27 -0500

 ------7BYDOEP0IHLTW1HCPV4N541DIUQVIJ
 Content-Transfer-Encoding: quoted-printable
 Content-Type: text/plain;
  charset=UTF-8
 
 See the options lines
 
 -a 192.168.200.0/24
 
 And the Cable modem is sending =
 to 514.
 
 (See the tcpdump output)
 -- 
 Sent from my Android phone with K-9 M=
 ail. Please excuse my brevity.
 
 Stanislav Sedov <stas@FreeBSD.org> wrote:
 
 =
 Hi!
 
 I think there's a problem with you configuration.
 For syslogd server t=
 o accept messages from the remote host you need to
 specify hosts you allow =
 to accept messages from via "-a" command line
 arguments:
 
 % -a allowed_peer=
 
 % Allow allowed_peer to log to this syslogd using UDP datagrams.
 % Multipl=
 e -a options may be specified.
 % 
 % The allowed_peer option may be any of t=
 he following:
 % 
 % ipaddr/masklen[:service] Accept datagrams from ipaddr (i=
 n the
 % usual dotted quad notation) with
 % masklen bits being taken into ac=
 count
 % when doing the address comparison.
 % ipaddr can be also IPv6 addres=
 s by
 % enclosing the address with `[' and
 % `]'. If specified, service is t=
 he
 % name or number of an UDP service (see
 % services(5)) the source packet=
  must
 % belong to. A service of `*' allows
 % packets being sent from any UD=
 P port.
 % The default service is `syslog'. If
 % ipaddr is IPv4 address, a m=
 issing
 % masklen will be substituted by the
 % historic class A or class B n=
 etmasks
 % if ipaddr belongs into the address
 % range of class A or B, respe=
 ctively,
 % or by 24 otherwise. If ipaddr is
 % IPv6 address, a missing maskl=
 en will
 % be substituted by 128.
 
 Please, note, that here the default servi=
 ce is 'syslog', so syslogd
 won't accept any packets coming from ports !=3D =
 syslogd unless the service
 is specified. In you tcpdump output packets are =
 coming from the port
 1349, and since you didn't specified the service in th=
 e syslogd command
 line arguments these messages won't be accepted.
 
 I'm not=
  sure, but maybe running syslogd in debug mode will actually show
 messages =
 confirming this.
 
 -- 
 Stanislav Sedov
 ST4096-RIPE
 
 () ascii ribbon campaign=
  - against html e-mail 
 /\ www.asciiribbon.org - against proprietary attach=
 ments
 
 ------7BYDOEP0IHLTW1HCPV4N541DIUQVIJ--
 

From: Stanislav Sedov <stas@FreeBSD.org>
To: Larry Rosenman <ler@lerctr.org>
Cc: FreeBSD PR followup <bug-followup@FreeBSD.org>
Subject: Re: bin/162135: remote syslog not logging
Date: Fri, 28 Oct 2011 21:01:10 -0700

 On Fri, 28 Oct 2011 22:20:27 -0500
 Larry Rosenman <ler@lerctr.org> mentioned:
 
 > See the options lines
 > 
 > -a 192.168.200.0/24
 > 
 > And the Cable modem is sending to 514.
 > 
 
 Please, read the manpage description for the '-a' switch.
 The modem is sending to the port 514, it's true, but it's not
 using port 514 as a source.  And you didn't specify the source
 service in the '-a' command line argument parameter.
 
 -- 
 Stanislav Sedov
 ST4096-RIPE
 
 ()  ascii ribbon campaign - against html e-mail 
 /\  www.asciiribbon.org   - against proprietary attachments

From: Larry Rosenman <ler@lerctr.org>
To: Stanislav Sedov <stas@FreeBSD.org>
Cc: FreeBSD PR followup <bug-followup@FreeBSD.org>, 
 freebsd-current@freebsd.org, kob6558@gmail.com
Subject: Re: bin/162135: remote syslog not logging
Date: Fri, 28 Oct 2011 23:08:05 -0500

 On 10/28/2011 11:01 PM, Stanislav Sedov wrote:
 > On Fri, 28 Oct 2011 22:20:27 -0500
 > Larry Rosenman<ler@lerctr.org>  mentioned:
 >
 >> See the options lines
 >>
 >> -a 192.168.200.0/24
 >>
 >> And the Cable modem is sending to 514.
 >>
 > Please, read the manpage description for the '-a' switch.
 > The modem is sending to the port 514, it's true, but it's not
 > using port 514 as a source.  And you didn't specify the source
 > service in the '-a' command line argument parameter.
 >
 AHA! That's the issue.  I changed the -a to:
 syslogd_flags="-n -a 192.168.200.0/24:*"
 
 and we now get the messages logged.
 
 THANK YOU.
 
 
>Unformatted:
