Date parsed: 8/20/1999 2:02:21 AM
Date: Fri, 20 Aug 1999 01:02:21 +0200
I have installed SL4NT v1.3 on TESTBOX and am having at least two =
problems:
1. I believe I have SL$NT configured to start a new log file each day in
c:\bill, but no log file is created.
2. I believe I have SL4NT configured to receive syslog messages on
10.0.0.5:514 and the Cisco 675 (DSL Router) at 10.0.0.1 configured to =
send
them there, but no messages appear in the log file (that is not =
created...).
I see an interesting message in the Application Event Viewer when I =
restart
the Syslog Daemon:
SL4NT Error None 11 N/A TESTBOX An error occurred in binding a socket =
to
192.168.55.100:514/UDP. WinSockets Error: 10049
The only interfaces on the "inside" network router are:
10.0.0.1 Router eth0
10.0.0.5 NTW with SL4NT
192.168.55.100 is the ISP's address space.
Below is data that might be useful.
App Evt Viewer Messages:
8/19/99 2:31:24 PM SL4NT Information None 42 N/A TESTBOX Service
configuration has been reloaded.
8/19/99 2:28:46 PM SL4NT Information None 20 N/A TESTBOX The SysLog =
service
has been started successfully.
8/19/99 2:28:46 PM SL4NT Error None 11 N/A TESTBOX An error occurred in
binding a socket to 192.168.55.100:514/UDP. WinSockets Error: 10049
ver:
Windows NT Version 4.0 SP3
ipconfig /all:
Windows NT IP Configuration Host Name . . . . . . . . . : =
testbox.eaic.com
DNS Servers . . . . . . . . : 172.16.254.80
Node Type . . . . . . . . . : Hybrid NetBIOS Scope ID. . . . . . : IP
Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS
Resolution Uses DNS : No
Ethernet adapter El90x1: Description . . . . . . . . : 3Com 3C90x =
Ethernet
Adapter Physical Address. . . . . . : 00-50-04-70-C3-9D DHCP Enabled. . =
.. .
.. . . . : No IP Address. . . . . . . . . : 10.0.0.5 Subnet Mask . . . . =
.. .
.. . : 255.255.255.0 Default Gateway . . . . . . : 10.0.0.1 Primary WINS
Server . . . . : 172.16.254.100 Secondary WINS Server . . . : =
172.16.254.1
Ethernet adapter NdisWan4: Description . . . . . . . . : NdisWan Adapter
Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . =
.. .
: No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . :
0.0.0.0 Default Gateway . . . . . . :
Ethernet adapter NdisWan6: Description . . . . . . . . : NdisWan Adapter
Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . =
.. .
: No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . :
0.0.0.0 Default Gateway . . . . . . :
Ethernet adapter NdisWan5: Description . . . . . . . . : NdisWan Adapter
Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . =
.. .
: No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . :
0.0.0.0 Default Gateway . . . . . . :
netstat -n -r:
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 04 70 c3 9d ...... 3Com 3C90x Ethernet Adapter
0x3 ...00 00 00 00 00 00 ...... NdisWan Adapter
0x4 ...00 00 00 00 00 00 ...... NdisWan Adapter
0x5 ...00 00 00 00 00 00 ...... NdisWan Adapter
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
Active Routes:
Network Destination Netmask Gateway Interface =
Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 1
10.0.0.0 255.255.255.0 10.0.0.5 10.0.0.5 1
10.0.0.5 255.255.255.255 127.0.0.1 127.0.0.1 1
10.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 10.0.0.5 10.0.0.5 1
255.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 1
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
Route Table
Active Connections
Proto Local Address Foreign Address State
TCP 127.0.0.1:1026 127.0.0.1:1029 ESTABLISHED
TCP 127.0.0.1:1029 127.0.0.1:1026 ESTABLISHED
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT]
"Type"=3Ddword:00000010
"Start"=3Ddword:00000002
"ErrorControl"=3Ddword:00000001
"ImagePath"=3Dhex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,6=
5,6d,
33,\
32,5c,73,6c,34,6e,74,2e,65,78,65,00
"DisplayName"=3D"Syslog Daemon"
"DependOnService"=3Dhex(7):54,63,70,69,70,00,45,76,65,6e,74,4c,6f,67,00,0=
0
"DependOnGroup"=3Dhex(7):00
"ObjectName"=3D"LocalSystem"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters]
"Version"=3D"1.3.1.0"
"ResolveSourceIPAddressToHostname"=3Ddword:00000001
"CacheIPAddressHostnameMappings"=3Ddword:00000001
"CacheEntryLife"=3Ddword:00015180
"SMTPServer"=3D"localhost"
"SMTPSenderAddress"=3D"sl4nt@mydomain.com, SysLog Daemon"
"ServerPort"=3Ddword:00000202
"DefaultForwarderDestinationPort"=3Ddword:00000202
"LoggingLevel"=3Ddword:00000007
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ac=
tio
ns]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ac=
tio
ns\#1]
"Type"=3Ddword:00000002
"Description"=3D"DSL"
"LogFormat"=3Ddword:01000002
"LogFileMode"=3Ddword:00000003
"LogFileDirectory"=3D"C:\\Bill"
"LogFileName"=3D"dsl.txt"
"PurgeLogFile"=3Ddword:00000000
"PercentageToPurge"=3Ddword:0000005a
"MaximumLogFileSize"=3Ddword:00080000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Lo=
gFo
rmats]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ru=
les
]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ru=
les
\#1]
"Enabled"=3Ddword:00000001
"StopOnFire"=3Ddword:00000000
"Description"=3D"DSL"
"ConditionFacilityMask"=3Ddword:00ff03ff
"ConditionMinPriority"=3Ddword:00000007
"ConditionMaxPriority"=3Ddword:00000000
"ConditionIPAddressTrueIfWithin"=3Ddword:00000001
"ConditionIPAddressRanges"=3Dhex(7):31,30,2e,30,2e,30,2e,31,20,2d,20,32,3=
5,35,
2e,\
32,35,35,2e,32,35,35,2e,30,00,00
"ConditionReceiveTimeTrueIfWithin"=3Ddword:00000001
"ConditionReceiveTimePeriods"=3Dhex(7):00,00
"ConditionSubstrings"=3D""
"ConditionStringIgnoreCase"=3Ddword:00000000
"ConditionStringIsRegExp"=3Ddword:00000000
"Actions"=3Dhex(7):31,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Performance]
"Library"=3D"sl4ntprf.dll"
"Open"=3D"OpenSL4NTPerformanceData"
"Collect"=3D"CollectSL4NTPerformanceData"
"Close"=3D"CloseSL4NTPerformanceData"
"Last Counter"=3Ddword:00000780
"Last Help"=3Ddword:00000781
"First Counter"=3Ddword:00000738
"First Help"=3Ddword:00000739
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Security]
"Security"=3Dhex:01,00,14,80,c0,00,00,00,cc,00,00,00,14,00,00,00,34,00,00=
,00,0
2,\
00,20,00,01,00,00,00,02,80,18,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,0=
0,\
00,00,20,02,00,00,02,00,8c,00,05,00,00,00,00,00,18,00,8d,01,02,00,01,01,0=
0,\
00,00,00,00,01,00,00,00,00,74,00,73,00,00,00,1c,00,fd,01,02,00,01,02,00,0=
0,\
00,00,00,05,20,00,00,00,23,02,00,00,76,00,63,00,00,00,1c,00,ff,01,0f,00,0=
1,\
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,76,00,63,00,00,00,1c,00,ff,0=
1,\
0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,76,00,63,00,00,00,1=
8,\
00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,25,02,00,00,01,01,00,0=
0,\
00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Enum]
"0"=3D"Root\\LEGACY_SL4NT\\0000"
"Count"=3Ddword:00000001
"NextInstance"=3Ddword:00000001
Directory where I'd hope to find SL4NT log files:
Volume in drive C is MICRON
Volume Serial Number is 3718-5AFF
Directory of C:\BILL
08/19/99 09:49a <DIR> .
08/19/99 09:49a <DIR> ..
08/19/99 02:34p 6,439 sl4nt.txt
08/19/99 02:29p 251 sl4ntappevt.txt
08/19/99 02:32p 3,402 sl4ntreg.txt
08/19/99 02:36p 260 telnet.log
6 File(s) 10,352 bytes
Total Files Listed:
6 File(s) 10,352 bytes
1,041,104,896 bytes free
10.0.0.5 Router Configuration:
in-tex#sho arp
Address Resolution Protocol Table
ENTRY: dynamic,target:10.0.0.5,mac address:00500470c39d,port:0,age:0
in-tex#sho syslog
SYSLOG Configuration
Currently Enabled
Currently sends syslog information to 10.0.0.5
Currently uses port 514
in-tex#sho route
[TARGET] [MASK] [GATEWAY] [M] [TYPE] [IF]
[AGE]
0.0.0.0 0.0.0.0 0.0.0.0 1 SA
WAN0-0 0
10.0.0.0 255.255.255.0 0.0.0.0 1 LA ETH0
0
199.181.164.0 255.255.255.0 0.0.0.0 1 A WAN0-0 0
in-tex#sho interface
IP Address Mask
eth0 10.0.0.1 255.255.255.0
wan0 Physical Port: Trained
Dest IP Address Mask
wan0-0 199.181.164.134 255.255.255.255