jimwillsher
January 20th, 2006, 08:19 PM
Hi all,
Looking for advice. I have a DrayTek router, and I want to log the events which it generates. It can send events to a syslog daemon on port 514, the norm. Under RedHat you follow these instructions, taken from http://www.draytek.co.uk/forum/viewtopic.php?t=6056&highlight=linux
:
Posted: Mon Aug 01, 2005 10:47 am Subject: howto syslog on redhat linux server (with/without iptables)
--------------------------------------------------------------------------------
Hi,
if you don't want to use wallwatcher on windows, you can also use your linux machine's syslog service. This is how to do it on a RedHat 9 machine but should be very similar on other distributions:
Modify /etc/syslog.conf to include the following:
local0.* /var/log/router-firewall.log
local1.* /var/log/router-vpn.log
local2.* /var/log/router-user.log
local3.* /var/log/router-call.log
local4.* /var/log/router-wan.log
local5.* /var/log/router-adsl.log
Modify /etc/sysconfig/syslog so that SYSLOGD_OPTIONS includes "-r -x":
SYSLOGD_OPTIONS="-m 0 -r -x"
If you use an iptables firewall, port 514 needs to be opened to udp traffic, so modify /etc/sysconf/iptables and insert the following line (make sure RH-Lokkit-0-50-INPUT is the correct filter name and replace the ip address with the address of the router, the following is an example):
-A RH-Lokkit-0-50-INPUT -s 192.168.0.1 -p udp -m udp --dport 514 -j ACCEPT
Once all is done, restart syslog (and iptables):
I can happily update /etc/syslog.conf to add the new entries, but I don't have /etc/sysconfig/syslog or a corresponding syslog service to restart. Can anyone tell me where I should be looking?
I'm running Breezy with no GUI.
Many thanks!
Jim
Looking for advice. I have a DrayTek router, and I want to log the events which it generates. It can send events to a syslog daemon on port 514, the norm. Under RedHat you follow these instructions, taken from http://www.draytek.co.uk/forum/viewtopic.php?t=6056&highlight=linux
:
Posted: Mon Aug 01, 2005 10:47 am Subject: howto syslog on redhat linux server (with/without iptables)
--------------------------------------------------------------------------------
Hi,
if you don't want to use wallwatcher on windows, you can also use your linux machine's syslog service. This is how to do it on a RedHat 9 machine but should be very similar on other distributions:
Modify /etc/syslog.conf to include the following:
local0.* /var/log/router-firewall.log
local1.* /var/log/router-vpn.log
local2.* /var/log/router-user.log
local3.* /var/log/router-call.log
local4.* /var/log/router-wan.log
local5.* /var/log/router-adsl.log
Modify /etc/sysconfig/syslog so that SYSLOGD_OPTIONS includes "-r -x":
SYSLOGD_OPTIONS="-m 0 -r -x"
If you use an iptables firewall, port 514 needs to be opened to udp traffic, so modify /etc/sysconf/iptables and insert the following line (make sure RH-Lokkit-0-50-INPUT is the correct filter name and replace the ip address with the address of the router, the following is an example):
-A RH-Lokkit-0-50-INPUT -s 192.168.0.1 -p udp -m udp --dport 514 -j ACCEPT
Once all is done, restart syslog (and iptables):
I can happily update /etc/syslog.conf to add the new entries, but I don't have /etc/sysconfig/syslog or a corresponding syslog service to restart. Can anyone tell me where I should be looking?
I'm running Breezy with no GUI.
Many thanks!
Jim