Date parsed: 8/20/1999 3:27:10 PM
Date: Fri, 20 Aug 1999 14:27:10 +0200

Hi Bill,


1.) Are no messages written to the specified log file or is your problem
that no new log file is created every day?

2:) I assume that the error Event Log record is caused by the fact that =
one
of the RAS dial-up interfaces was up when SL4NT started.
You can safely ignore this record in your case.

Franz


Bill Squires <bsquires@discovermusic.com> wrote in message
news:C1CEE8E342DDD111A5720020AFE7798F15F689@is1.netal.com...
> I have installed SL4NT v1.3 on TESTBOX and am having at least two
problems:
>
> 1. I believe I have SL$NT configured to start a new log file each day =
in
> c:\bill, but no log file is created.
>
> 2. I believe I have SL4NT configured to receive syslog messages on
> 10.0.0.5:514 and the Cisco 675 (DSL Router) at 10.0.0.1 configured to =
send
> them there, but no messages appear in the log file (that is not
created...).
>
> I see an interesting message in the Application Event Viewer when I
restart
> the Syslog Daemon:
>
> SL4NT Error None 11 N/A TESTBOX An error occurred in binding a socket =
to
> 192.168.55.100:514/UDP. WinSockets Error: 10049
>
> The only interfaces on the "inside" network router are:
>
> 10.0.0.1 Router eth0
> 10.0.0.5 NTW with SL4NT
>
> 192.168.55.100 is the ISP's address space.
>
> Below is data that might be useful.
>
> App Evt Viewer Messages:
>
> 8/19/99 2:31:24 PM SL4NT Information None 42 N/A TESTBOX Service
> configuration has been reloaded.
> 8/19/99 2:28:46 PM SL4NT Information None 20 N/A TESTBOX The SysLog
service
> has been started successfully.
> 8/19/99 2:28:46 PM SL4NT Error None 11 N/A TESTBOX An error occurred =
in
> binding a socket to 192.168.55.100:514/UDP. WinSockets Error: 10049
>
> ver:
>
> Windows NT Version 4.0 SP3
>
> ipconfig /all:
>
> Windows NT IP Configuration Host Name . . . . . . . . . : =
testbox.eaic.com
> DNS Servers . . . . . . . . : 172.16.254.80
> Node Type . . . . . . . . . : Hybrid NetBIOS Scope ID. . . . . . : =
IP
> Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS
> Resolution Uses DNS : No
> Ethernet adapter El90x1: Description . . . . . . . . : 3Com 3C90x =
Ethernet
> Adapter Physical Address. . . . . . : 00-50-04-70-C3-9D DHCP Enabled. =
.. .
..
> . . . . : No IP Address. . . . . . . . . : 10.0.0.5 Subnet Mask . . . =
.. .
..
> . . : 255.255.255.0 Default Gateway . . . . . . : 10.0.0.1 Primary =
WINS
> Server . . . . : 172.16.254.100 Secondary WINS Server . . . : =
172.16.254.1
> Ethernet adapter NdisWan4: Description . . . . . . . . : NdisWan =
Adapter
> Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . =
.. .
..
> : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . =
:
> 0.0.0.0 Default Gateway . . . . . . :
> Ethernet adapter NdisWan6: Description . . . . . . . . : NdisWan =
Adapter
> Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . =
.. .
..
> : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . =
:
> 0.0.0.0 Default Gateway . . . . . . :
> Ethernet adapter NdisWan5: Description . . . . . . . . : NdisWan =
Adapter
> Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . =
.. .
..
> : No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . =
:
> 0.0.0.0 Default Gateway . . . . . . :
>
> netstat -n -r:
>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

> Interface List
> 0x1 ........................... MS TCP Loopback interface
> 0x2 ...00 50 04 70 c3 9d ...... 3Com 3C90x Ethernet Adapter
> 0x3 ...00 00 00 00 00 00 ...... NdisWan Adapter
> 0x4 ...00 00 00 00 00 00 ...... NdisWan Adapter
> 0x5 ...00 00 00 00 00 00 ...... NdisWan Adapter
>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

> Active Routes:
> Network Destination Netmask Gateway Interface
Metric
> 0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 =
1
> 10.0.0.0 255.255.255.0 10.0.0.5 10.0.0.5 =
1
> 10.0.0.5 255.255.255.255 127.0.0.1 127.0.0.1 =
1
> 10.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 =
1
> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 =
1
> 224.0.0.0 224.0.0.0 10.0.0.5 10.0.0.5 =
1
> 255.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 =
1
>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

>
> Route Table
>
> Active Connections
>
> Proto Local Address Foreign Address State
> TCP 127.0.0.1:1026 127.0.0.1:1029 ESTABLISHED
> TCP 127.0.0.1:1029 127.0.0.1:1026 ESTABLISHED
>
> REGEDIT4
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT]
> "Type"=3Ddword:00000010
> "Start"=3Ddword:00000002
> "ErrorControl"=3Ddword:00000001
>
"ImagePath"=3Dhex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,6=
5,6d,
> 33,\
> 32,5c,73,6c,34,6e,74,2e,65,78,65,00
> "DisplayName"=3D"Syslog Daemon"
> =
"DependOnService"=3Dhex(7):54,63,70,69,70,00,45,76,65,6e,74,4c,6f,67,00,0=
0
> "DependOnGroup"=3Dhex(7):00
> "ObjectName"=3D"LocalSystem"
>
> =
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters]
> "Version"=3D"1.3.1.0"
> "ResolveSourceIPAddressToHostname"=3Ddword:00000001
> "CacheIPAddressHostnameMappings"=3Ddword:00000001
> "CacheEntryLife"=3Ddword:00015180
> "SMTPServer"=3D"localhost"
> "SMTPSenderAddress"=3D"sl4nt@mydomain.com, SysLog Daemon"
> "ServerPort"=3Ddword:00000202
> "DefaultForwarderDestinationPort"=3Ddword:00000202
> "LoggingLevel"=3Ddword:00000007
>
>
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ac=
tio
> ns]
>
>
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ac=
tio
> ns\#1]
> "Type"=3Ddword:00000002
> "Description"=3D"DSL"
> "LogFormat"=3Ddword:01000002
> "LogFileMode"=3Ddword:00000003
> "LogFileDirectory"=3D"C:\\Bill"
> "LogFileName"=3D"dsl.txt"
> "PurgeLogFile"=3Ddword:00000000
> "PercentageToPurge"=3Ddword:0000005a
> "MaximumLogFileSize"=3Ddword:00080000
>
>
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Lo=
gFo
> rmats]
>
>
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ru=
les
> ]
>
>
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ru=
les
> \#1]
> "Enabled"=3Ddword:00000001
> "StopOnFire"=3Ddword:00000000
> "Description"=3D"DSL"
> "ConditionFacilityMask"=3Ddword:00ff03ff
> "ConditionMinPriority"=3Ddword:00000007
> "ConditionMaxPriority"=3Ddword:00000000
> "ConditionIPAddressTrueIfWithin"=3Ddword:00000001
>
"ConditionIPAddressRanges"=3Dhex(7):31,30,2e,30,2e,30,2e,31,20,2d,20,32,3=
5,35,
> 2e,\
> 32,35,35,2e,32,35,35,2e,30,00,00
> "ConditionReceiveTimeTrueIfWithin"=3Ddword:00000001
> "ConditionReceiveTimePeriods"=3Dhex(7):00,00
> "ConditionSubstrings"=3D""
> "ConditionStringIgnoreCase"=3Ddword:00000000
> "ConditionStringIsRegExp"=3Ddword:00000000
> "Actions"=3Dhex(7):31,00,00
>
> =
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Performance]
> "Library"=3D"sl4ntprf.dll"
> "Open"=3D"OpenSL4NTPerformanceData"
> "Collect"=3D"CollectSL4NTPerformanceData"
> "Close"=3D"CloseSL4NTPerformanceData"
> "Last Counter"=3Ddword:00000780
> "Last Help"=3Ddword:00000781
> "First Counter"=3Ddword:00000738
> "First Help"=3Ddword:00000739
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Security]
>
"Security"=3Dhex:01,00,14,80,c0,00,00,00,cc,00,00,00,14,00,00,00,34,00,00=
,00,0
> 2,\
>
>
00,20,00,01,00,00,00,02,80,18,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,0=
0,\
>
>
00,00,20,02,00,00,02,00,8c,00,05,00,00,00,00,00,18,00,8d,01,02,00,01,01,0=
0,\
>
>
00,00,00,00,01,00,00,00,00,74,00,73,00,00,00,1c,00,fd,01,02,00,01,02,00,0=
0,\
>
>
00,00,00,05,20,00,00,00,23,02,00,00,76,00,63,00,00,00,1c,00,ff,01,0f,00,0=
1,\
>
>
02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,76,00,63,00,00,00,1c,00,ff,0=
1,\
>
>
0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,76,00,63,00,00,00,1=
8,\
>
>
00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,25,02,00,00,01,01,00,0=
0,\
> 00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Enum]
> "0"=3D"Root\\LEGACY_SL4NT\\0000"
> "Count"=3Ddword:00000001
> "NextInstance"=3Ddword:00000001
>
>
> Directory where I'd hope to find SL4NT log files:
>
> Volume in drive C is MICRON
> Volume Serial Number is 3718-5AFF
>
>
> Directory of C:\BILL
>
> 08/19/99 09:49a <DIR> .
> 08/19/99 09:49a <DIR> ..
> 08/19/99 02:34p 6,439 sl4nt.txt
> 08/19/99 02:29p 251 sl4ntappevt.txt
> 08/19/99 02:32p 3,402 sl4ntreg.txt
> 08/19/99 02:36p 260 telnet.log
> 6 File(s) 10,352 bytes
>
> Total Files Listed:
> 6 File(s) 10,352 bytes
> 1,041,104,896 bytes free
>
> 10.0.0.5 Router Configuration:
>
> in-tex#sho arp
> Address Resolution Protocol Table
> ENTRY: dynamic,target:10.0.0.5,mac address:00500470c39d,port:0,age:0
>
> in-tex#sho syslog
> SYSLOG Configuration
> Currently Enabled
> Currently sends syslog information to 10.0.0.5
> Currently uses port 514
>
> in-tex#sho route
> [TARGET] [MASK] [GATEWAY] [M] [TYPE] [IF]
> [AGE]
> 0.0.0.0 0.0.0.0 0.0.0.0 1 SA
> WAN0-0 0
> 10.0.0.0 255.255.255.0 0.0.0.0 1 LA =
ETH0
> 0
> 199.181.164.0 255.255.255.0 0.0.0.0 1 A WAN0-0 =
0
>
> in-tex#sho interface
> IP Address Mask
> eth0 10.0.0.1 255.255.255.0
>
> wan0 Physical Port: Trained
>
> Dest IP Address Mask
> wan0-0 199.181.164.134 255.255.255.255
>
>
>
>
>
>