uname -a FreeBSD 7.0-RELEASE syslog-ng --version syslog-ng 2.0.10
change date on syslog-ng.conf is "Apr 20 2009" syslog-ng been running untouched for that long. Millions of lines/per day log from 10 source machine. about 00:20 today Friday, all syslogging to syslog-ng stopped. sockstat -4 shows udp/tcp 514 listening chkrootkit shows nothing wrong stop syslog-ng then pkg_delete, and then cd /usr/ports/sysutils/syslog-ng2 make && make install start it, no change I rebooted the syslog server. no change trafshow -i bce0 -n then filter 514 ... shows 100KBs arriving from our syslog clients. tshark capture "port 514" on syslog-ng box shows plenty of traffic arriving with untouched pf rules active, pfctl -d no change so pfctl -e df shows plenty of disk space for /var suggestions? Len _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
