Summary: syslog not working in Solaris 10

From: Andreas Höschler <ahoesch_at_smartsoft.de> Date: Mon Jan 14 2008 - 16:54:30 EST · This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:08 EST

Dear managers,

thanks to

"Musa Williams" <musa.williams@gmail.com>
"Luc I. Suryo" <luc@suryo.com>
"Crist Clark" <Crist.Clark@globalstar.com>

for their responses. The following does the trick:

IPFilter is set to use local0 and it's better have it own file since it 
can be big! And remember to create a crontab to rotate the file too! I 
would sugget to rotate using logadm! edit /etc/logadm.conf or make your 
own config for ipfilter accordingly
(see man logadm) how you want the log file be rotated.

	pico /etc/syslog.conf
--------------------------

local0.debug	/var/log/ipflog
             ^^^ TAB!

------------------------

	touch  /var/log/ipflog
	/usr/sbin/svcadm restart system-log
	tail -f /var/log/ipflog

Regards,

   Andreas

> I have inherited an older Telco Server with Solaris 10 installed that I
> would like to use for tracking down some routing problems. I configured
> ipfilter like so
>
> 	pico /etc/ipf/ipf.conf
>
> pass in log all
> log out all
> count in all
> pass out log quick on dmfe1 proto tcp/udp from any to any keep state
> pass out log quick on dmfe1 proto icmp from any to any keep state
>
> 	pico /etc/ipf/ipnat.conf
>
> map dmfe1 192.168.1.0/24 -> 213.X.Y.Z/32 proxy port ftp ftp/tcp
> map dmfe1 192.168.1.0/24 -> 213.X.Y.Z/32 proxy port isakmp ipsec/udp
> map dmfe1 192.168.1.0/24 -> 213.X.Y.Z/32 portmap tcp/udp auto
> map dmfe1 192.168.1.0/24 -> 213.X.Y.Z/32
>
> and hoped I would see what it is doing in /var/log/syslog. But I
> getnothing this file has length 0.
>
> 	ls -l  /var/adm/messages
> -rw-r--r--   1 root     root           0 Jan 14 03:10 /var/adm/messages
>
> 	ls -l  /var/log/syslog
> -rw-r--r--   1 root     sys            0 Sep  6  2006 /var/log/syslog
>
> 	svcs -a | grep log
> legacy_run     23:03:32 lrc:/etc/rc2_d/S94ncalogd
> legacy_run     23:03:32 lrc:/etc/rc2_d/S99dtlogin
> disabled       23:02:19 svc:/application/gdm2-login:default
> disabled       23:03:17 svc:/network/login:eklogin
> disabled       23:03:17 svc:/network/login:klogin
> online         23:03:12 svc:/system/console-login:default
> online         23:03:21 svc:/system/system-log:default
> online         23:03:24 svc:/network/login:rlogin
>
> 	svcadm disable system/system-log:default
> 	svcadm enable system/system-log:default
> 	svcadm restart system/system-log:default
>
> 	tail -f /var/log/syslog
>
> How can I get thi smachine tolog soemthing into /var/log/syslog,
> especially the outputz of ipmon?
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers