are you using '-j REJECT --reject-with icmp-port-unreachable'
or just the default '-j DROP'?
DROP tells iptables to drop the packet on the floor like it never existed,
giving the sending host no indication as to what happened. REJECT will
respond with something and you can specify what that something is.
Chip
On Tue, Jul 01, 2014 at 11:38:21AM +0000, Max Williams wrote:
Hi,
I am trying to get reliable failover logging to 2 remote hosts using this
config:
*.* @@<remote1>:514
$ActionExecOnlyWhenPreviousIsSuspended on
& @@<remote2>:514
$ActionExecOnlyWhenPreviousIsSuspended off
This works fine if I stop syslog on the remote1 host, the rsyslog client host fails
over and fails back with no problems. But if I use iptables to drop TCP/514 on
remote1 server then on the client host the TCP connection goes to CLOSE_WAIT and
then to LAST_ACK & SYN_SENT and finally to just SYN_SENT. It then just stays as
SYN_SENT indefinitely and rsyslog does not failover to the second destination:
tcp 0 1 <client host>:40416 <remote1>:514
SYN_SENT 3393/rsyslogd
I've read Rainer's blog
post<http://blog.gerhards.net/2011/03/using-failover-and-asynchornous-actions.html> and I
do not have "$ActionQueueType LinkedList" set.
Is there some configuration I am missing? I'm using version 5.8.10, I know it's
old.
Thanks,
Max
____________________________
The London Metal Exchange is a company incorporated in England and Wales with
registered number 02128666, VAT registered number GB 918 4582 96 and having its
registered office at 56 Leadenhall Street, London EC3A 2DX.
LME Clear Limited is a company incorporated in England and Wales with
registered number 07611628, VAT registered number GB 918 4582 96 and having its
registered office at 56 Leadenhall Street, London EC3A 2DX.
The London Metal Exchange is a recognised investment exchange, supervised by
the Financial Conduct Authority (FCA).
This email may have been sent on behalf of The London Metal Exchange, LME Clear
Limited, or jointly on behalf of both.
Please note that this message is intended for the named recipient(s) only. Its
contents may be confidential or subject to professional privilege. If you are
not an intended recipient, you may not disclose, copy or use in any way the
information contained in it; please delete it and notify [email protected]
immediately and delete it from your system.
Unless expressly attributed, the views expressed in this email do not
necessarily represent the views of the London Metal Exchange or LME Clear
Limited.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
--
------
**** Warning ****
This e-mail message, without warrant or warning, and despite US law as set
forth in the Foreign Intelligence Surveillance Act of 1978, may be subject
to monitoring by the United States National Security Agency and/or the
Department of Defense. Information contained in this message may be used
against any senders or recipients, now or in the future, in a public trial
or secret tribunal.
Please encrypt anything important.
PGP Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x6CFA486D
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
