unable to syslog from one computer to another

Experts:

I am trying to send log messages from a Linux box named longstreet to another Linux box named venus.  They are on the same subnet. The messages never show up on venus.  I am using a logger command on longstreet such as the following to send the message:

tayloe@longstreet$ logger -p mail.info "This is a test"

I happen to use mail.info, but it could be any facility or severity level.

The relevant line in the /etc/syslog.conf file on longstreet is:

mail.info                        @venus.officenet.sham

The relevant line in the /etc/syslog.conf file on venus is:

mail.info                        /var/log/mail.test

The message never shows up in /var/log/mail.test on venus.  The message does, however, show up on longstreet in the correct file for mail.info messages.  So I know the message is going out.

I started the syslog program on venus with the -r option so I think it is accepting logs from other hosts.  Below is the output from "ps -e | grep 514" on venus, so I think venus is listening on udp 514 which is apparently the correct default port.  

udp        0      0 0.0.0.0:514                 0.0.0.0:*                              
udp        0      0 :::514                      :::*              

I don't think iptables is running on venus.  That might prevent venus from getting log messages from another host.  

I am able to go the other way.  That is, I am able to log messages on longstreet that are sent from venus.  So the computers are able to talk OK.

Can someone tell me what might be wrong?

Thanks,
Tnic
tayloenicAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

freaky_NLCommented:
Just to be sure iptables isn't running you could issue

iptables -L -v -n

anyways you might need to setup the logger to allow logs from external computers. Use syslog-ng myself.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The--CaptainCommented:
tcpdump on port 514 (both hosts) should point you in the right direction.

Cheers,
-Jon
0
tayloenicAuthor Commented:
freaky & captain:
Well, I'm a dumbass.  I kept thinking about a firewall blocking the syslog messages, but I know of only iptables.  I searched for that in the ps -e listing and it wasn't there, so in my mind I removed firewalls as a possible source of the trouble.  But I finally found "security level and firewall" in the fedora administration menu and found that a firewall is running (selinux?) and that was the trouble.  I changed it to allow udp 514 and it's working.  

Thanks to both of you for responding.  I will probably switch to syslog-ng, but I wanted to solve this problem first if for pride if nothing else.  And I will experiment with tcpdump and see if I could have found the problem that way.

Tnic
0
The--CaptainCommented:
>but I know of only iptables.  I searched for that in the ps -e listing and it
>wasn't there, so in my mind I removed firewalls as a possible source of the trouble

iptables is simply that - a table of IP related info resident in memory to which the kernel refers when it's dealing with IP traffic.  You will not see a process specifically referring to iptables, because as I said, it's a table of information, not a process.

Your GUI probably just adjusted iptables for you.

iptables-save dumps the information to stdout on my box - YMMV.

Cheers,
-Jon
 
0
tayloenicAuthor Commented:
Captain:

You are exactly correct.  iptables-save shows that iptables is running and shows the rule that was added by my GUI to allow udp 514.  I had no idea that iptables would not show up in a process status listing.  

Thanks a lot!!!
Tnic
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.