Privacy Policy

Guest
  • Guest
  • Guest Topic Starter
1999-08-20T02:02:21Z
Date parsed: 8/20/1999 2:02:21 AM

Date: Fri, 20 Aug 1999 01:02:21 +0200

I have installed SL4NT v1.3 on TESTBOX and am having at least two =

problems:

1. I believe I have SL$NT configured to start a new log file each day in

c:\bill, but no log file is created.

2. I believe I have SL4NT configured to receive syslog messages on

10.0.0.5:514 and the Cisco 675 (DSL Router) at 10.0.0.1 configured to =

send

them there, but no messages appear in the log file (that is not =

created...).

I see an interesting message in the Application Event Viewer when I =

restart

the Syslog Daemon:

SL4NT Error None 11 N/A TESTBOX An error occurred in binding a socket =

to

192.168.55.100:514/UDP. WinSockets Error: 10049

The only interfaces on the "inside" network router are:

10.0.0.1 Router eth0

10.0.0.5 NTW with SL4NT

192.168.55.100 is the ISP's address space.

Below is data that might be useful.

App Evt Viewer Messages:

8/19/99 2:31:24 PM SL4NT Information None 42 N/A TESTBOX Service

configuration has been reloaded.

8/19/99 2:28:46 PM SL4NT Information None 20 N/A TESTBOX The SysLog =

service

has been started successfully.

8/19/99 2:28:46 PM SL4NT Error None 11 N/A TESTBOX An error occurred in

binding a socket to 192.168.55.100:514/UDP. WinSockets Error: 10049

ver:

Windows NT Version 4.0 SP3

ipconfig /all:

Windows NT IP Configuration Host Name . . . . . . . . . : =

testbox.eaic.com

DNS Servers . . . . . . . . : 172.16.254.80

Node Type . . . . . . . . . : Hybrid NetBIOS Scope ID. . . . . . : IP

Routing Enabled. . . . . : No WINS Proxy Enabled. . . . . : No NetBIOS

Resolution Uses DNS : No

Ethernet adapter El90x1: Description . . . . . . . . : 3Com 3C90x =

Ethernet

Adapter Physical Address. . . . . . : 00-50-04-70-C3-9D DHCP Enabled. . =

.. .

.. . . . : No IP Address. . . . . . . . . : 10.0.0.5 Subnet Mask . . . . =

.. .

.. . : 255.255.255.0 Default Gateway . . . . . . : 10.0.0.1 Primary WINS

Server . . . . : 172.16.254.100 Secondary WINS Server . . . : =

172.16.254.1

Ethernet adapter NdisWan4: Description . . . . . . . . : NdisWan Adapter

Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . =

.. .

: No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . :

0.0.0.0 Default Gateway . . . . . . :

Ethernet adapter NdisWan6: Description . . . . . . . . : NdisWan Adapter

Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . =

.. .

: No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . :

0.0.0.0 Default Gateway . . . . . . :

Ethernet adapter NdisWan5: Description . . . . . . . . : NdisWan Adapter

Physical Address. . . . . . : 00-00-00-00-00-00 DHCP Enabled. . . . . . =

.. .

: No IP Address. . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . :

0.0.0.0 Default Gateway . . . . . . :

netstat -n -r:

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 50 04 70 c3 9d ...... 3Com 3C90x Ethernet Adapter

0x3 ...00 00 00 00 00 00 ...... NdisWan Adapter

0x4 ...00 00 00 00 00 00 ...... NdisWan Adapter

0x5 ...00 00 00 00 00 00 ...... NdisWan Adapter

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

Active Routes:

Network Destination Netmask Gateway Interface =

Metric

0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.5 1

10.0.0.0 255.255.255.0 10.0.0.5 10.0.0.5 1

10.0.0.5 255.255.255.255 127.0.0.1 127.0.0.1 1

10.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

224.0.0.0 224.0.0.0 10.0.0.5 10.0.0.5 1

255.255.255.255 255.255.255.255 10.0.0.5 10.0.0.5 1

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=

Route Table

Active Connections

Proto Local Address Foreign Address State

TCP 127.0.0.1:1026 127.0.0.1:1029 ESTABLISHED

TCP 127.0.0.1:1029 127.0.0.1:1026 ESTABLISHED

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT]

"Type"=3Ddword:00000010

"Start"=3Ddword:00000002

"ErrorControl"=3Ddword:00000001

"ImagePath"=3Dhex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,6=

5,6d,

33,\

32,5c,73,6c,34,6e,74,2e,65,78,65,00

"DisplayName"=3D"Syslog Daemon"

"DependOnService"=3Dhex(7):54,63,70,69,70,00,45,76,65,6e,74,4c,6f,67,00,0=

0

"DependOnGroup"=3Dhex(7):00

"ObjectName"=3D"LocalSystem"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters]

"Version"=3D"1.3.1.0"

"ResolveSourceIPAddressToHostname"=3Ddword:00000001

"CacheIPAddressHostnameMappings"=3Ddword:00000001

"CacheEntryLife"=3Ddword:00015180

"SMTPServer"=3D"localhost"

"SMTPSenderAddress"=3D"sl4nt@mydomain.com, SysLog Daemon"

"ServerPort"=3Ddword:00000202

"DefaultForwarderDestinationPort"=3Ddword:00000202

"LoggingLevel"=3Ddword:00000007

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ac=

tio

ns]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ac=

tio

ns\#1]

"Type"=3Ddword:00000002

"Description"=3D"DSL"

"LogFormat"=3Ddword:01000002

"LogFileMode"=3Ddword:00000003

"LogFileDirectory"=3D"C:\\Bill"

"LogFileName"=3D"dsl.txt"

"PurgeLogFile"=3Ddword:00000000

"PercentageToPurge"=3Ddword:0000005a

"MaximumLogFileSize"=3Ddword:00080000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Lo=

gFo

rmats]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ru=

les

]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Parameters\Ru=

les

\#1]

"Enabled"=3Ddword:00000001

"StopOnFire"=3Ddword:00000000

"Description"=3D"DSL"

"ConditionFacilityMask"=3Ddword:00ff03ff

"ConditionMinPriority"=3Ddword:00000007

"ConditionMaxPriority"=3Ddword:00000000

"ConditionIPAddressTrueIfWithin"=3Ddword:00000001

"ConditionIPAddressRanges"=3Dhex(7):31,30,2e,30,2e,30,2e,31,20,2d,20,32,3=

5,35,

2e,\

32,35,35,2e,32,35,35,2e,30,00,00

"ConditionReceiveTimeTrueIfWithin"=3Ddword:00000001

"ConditionReceiveTimePeriods"=3Dhex(7):00,00

"ConditionSubstrings"=3D""

"ConditionStringIgnoreCase"=3Ddword:00000000

"ConditionStringIsRegExp"=3Ddword:00000000

"Actions"=3Dhex(7):31,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Performance]

"Library"=3D"sl4ntprf.dll"

"Open"=3D"OpenSL4NTPerformanceData"

"Collect"=3D"CollectSL4NTPerformanceData"

"Close"=3D"CloseSL4NTPerformanceData"

"Last Counter"=3Ddword:00000780

"Last Help"=3Ddword:00000781

"First Counter"=3Ddword:00000738

"First Help"=3Ddword:00000739

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Security]

"Security"=3Dhex:01,00,14,80,c0,00,00,00,cc,00,00,00,14,00,00,00,34,00,00=

,00,0

2,\

00,20,00,01,00,00,00,02,80,18,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,0=

0,\

00,00,20,02,00,00,02,00,8c,00,05,00,00,00,00,00,18,00,8d,01,02,00,01,01,0=

0,\

00,00,00,00,01,00,00,00,00,74,00,73,00,00,00,1c,00,fd,01,02,00,01,02,00,0=

0,\

00,00,00,05,20,00,00,00,23,02,00,00,76,00,63,00,00,00,1c,00,ff,01,0f,00,0=

1,\

02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,76,00,63,00,00,00,1c,00,ff,0=

1,\

0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,76,00,63,00,00,00,1=

8,\

00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,25,02,00,00,01,01,00,0=

0,\

00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SL4NT\Enum]

"0"=3D"Root\\LEGACY_SL4NT\\0000"

"Count"=3Ddword:00000001

"NextInstance"=3Ddword:00000001

Directory where I'd hope to find SL4NT log files:

Volume in drive C is MICRON

Volume Serial Number is 3718-5AFF

Directory of C:\BILL

08/19/99 09:49a <DIR> .

08/19/99 09:49a <DIR> ..

08/19/99 02:34p 6,439 sl4nt.txt

08/19/99 02:29p 251 sl4ntappevt.txt

08/19/99 02:32p 3,402 sl4ntreg.txt

08/19/99 02:36p 260 telnet.log

6 File(s) 10,352 bytes

Total Files Listed:

6 File(s) 10,352 bytes

1,041,104,896 bytes free

10.0.0.5 Router Configuration:

in-tex#sho arp

Address Resolution Protocol Table

ENTRY: dynamic,target:10.0.0.5,mac address:00500470c39d,port:0,age:0

in-tex#sho syslog

SYSLOG Configuration

Currently Enabled

Currently sends syslog information to 10.0.0.5

Currently uses port 514

in-tex#sho route

[TARGET] [MASK] [GATEWAY] [M] [TYPE] [IF]

[AGE]

0.0.0.0 0.0.0.0 0.0.0.0 1 SA

WAN0-0 0

10.0.0.0 255.255.255.0 0.0.0.0 1 LA ETH0

0

199.181.164.0 255.255.255.0 0.0.0.0 1 A WAN0-0 0

in-tex#sho interface

IP Address Mask

eth0 10.0.0.1 255.255.255.0

wan0 Physical Port: Trained

Dest IP Address Mask

wan0-0 199.181.164.134 255.255.255.255

Similar Topics