[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

514/ucp won't listen for remote syslog



I'm setting up a syslog server on our LAN for diagnostic reasons.  The
machine I've setup is running RH7.1, stock kernel 2.4.2-2 (the problems
I'm listing below were repeated on a different box running RH7.3)  
syslogd is running with the '-r' option in '/etc/init.d/syslog' so that
it can listen to another machine on the LAN.

Restarting the syslog service generates the following messages:
Shutting down kernel logger:                               [  OK  ]
Shutting down system logger:                               [  OK  ]
Starting system logger:                                    [  OK  ]
Starting kernel logger:                                    [  OK  ]

Then I run 'netstat -an' and get:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address        
State
tcp        0      0 0.0.0.0:1024            0.0.0.0:*              
LISTEN
tcp        0      0 0.0.0.0:515             0.0.0.0:*              
LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*              
LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*              
LISTEN
tcp        0      0 192.168.1.114:22        192.168.1.83:37072     
ESTABLISHED
udp        0      0 0.0.0.0:1024            0.0.0.0:*
udp        0      0 0.0.0.0:514             0.0.0.0:*
udp        0      0 0.0.0.0:602             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*

which shows that 514/udp is not listening.  Nmap confirms this.

Here's the default /etc/syslog.conf file:

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none               
/var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  /var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages, plus log them on another
# machine.
*.emerg                                                 *

# Save mail and news errors of level err and higher in a
# special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*

What am I missing?  How can I get 514/udp to listen?

-- 
Dan Fleischer
Systems Administrator
Bank & Trust Co.
401 N. Madison St.
Litchfield, IL 62056

Ph. 217-324-3935
http://www.bank-and-trust.com


-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.