On Mar 22, 2007, at 3:45 PM, David Robillard wrote:

Hello,

I'm trying to put up a remote logging server. I want to let my
Airport Express send its logs to my FreeBSD server.

So I said to my Airport to send its logs to the internal ip of my
server, I suppose it works because that's what Apple hardware does.
Now I did the following things on my bsdbox:


I appended to syslog.conf:

# Log remote Airport Express
+airport
*.*             /var/log/airport.log
!*

I touched /var/log/airport.log and it has rw-r----- root:wheel rights

And to rc.conf I added:

syslogd_enable="YES"
syslogd_flags="-b myhostname.intranet -a *.intranet"

I restarted syslogd via:
# /etc/rc.d/syslogd restart

I suppose it should work, but nothing appears in /var/log/airport and
there should be something that it listens for input or not?

Also I checked netstat -a | grep syslog
udp4       0      0  myhostname.intranet..syslo *.*

So it looks like it is not listening.

Anyone any ideas what I'm doing wrong?

The Apple AirPort products, both Extreme and Express, do not use the
standard syslog UDP port 514. They send it at a higher port. Just like
most Cisco devices do.

So to enable logging on a FreeBSD host, you must change your
rc.conf(5) syslog_flags line to enable other non-standard syslog
ports. Try something like this:

syslogd_flags="-b myhostname.intranet -a *.intranet:*"

Since you're using names instead of IP addresses in your
configuration, make sure your DNS resolves both A and PTR records for
the AirPort.

Thnx for the tip. Found out that it was not the airport UDP port. It is
some misconfiguration in my DNS, but still don't get why it doesn't work
as expected. For some reason my DNS-name is snipped just before the TLD.

Oh btw i changed some configs

I prepended to /etc/syslog.conf the next and deleted what I wrote above
# Log remote Airport Express
+airport.intranet.mydomain.org
*.*             /var/log/airport.log
+*
!*

And in rc.conf I changed the above to:
syslogd_enable="YES"
syslogd_flags="-b myhostname.intranet.mydomain.org -a airport.intranet.mydomain.org"

So what comes in on syslogd looks like "airport.intranet.mydomain" so no
.org or something. I really don't get where that comes from. But now
syslogd rejects because of "name mismatch".

I suppose something is wrong with either my DNS or my DHCP (appending
the domainname??), but at dhcpd I have the option "domain-name" set to
"intranet.mydomain.org". So still don't get whats going wrong.

My dns gives a the right IP and reverse gives right name.
dig airport.intranet.mydomain.org --> 10.0.10.30
dig -x 10.0.10.30 --> airport.intranet.mydomain.org

So anyone any ideas?

TIA

--Guido
www.rottnic.nl

Reply via email to