Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remote syslog server - changing local syslog client's remote server port

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 5 Posters 6.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      inorx
      last edited by

      Hi all

      i got a syslog server running on a NAS box in my local network. Because the NAS uses port 514 for it's own internal syslog (hell knows why) i had to use another port (tcp 2000) for the "external" syslog-ng server. This works so far (tested with another client that sends the log messages to the NAS syslog).
      Now i would like to get pfsense (1.2.3-RELEASE, an update would be possible) to send its syslog messages to port 2000 of the NAS. If possible, i also would like to change the protocol from UDP to TCP.

      In the pfSense WebGUI there is no option to change these settings. But maybe in the conf files directly? My knowledge of Linux/FreeBSD is very limited, but i surely will be able to change a conf file if some could tell me which file and which changes i have to do.

      Thanks a lot for your suppport
      Frank

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        That should be as easy as putting something like "192.168.x.x:2000" in the server box, but it looks like our input validation doesn't allow that. Would be easy to disable that input validation in /usr/local/www/diag_logs_settings.php and try that out.

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • V
          valshare
          last edited by

          Hi jimp,

          can this fixed in the next release?

          Regards, Valle

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Nobody responded confirming if that worked so I didn't make any changes.

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • S
              Sup3rior
              last edited by

              @jimp:

              Nobody responded confirming if that worked so I didn't make any changes.

              Would be a nice feature to have, what do you want to have tested in regards to having the feature included in the code?

              Regards,
              Anders

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                Make the edit I mentioned before (disable the input validation in /usr/local/www/diag_logs_settings.php for that server box) and see if it works. If it works, then the validation can be re-written to allow the port. The quickest test is just to disable that validation.

                Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • V
                  valshare
                  last edited by

                  Hi jimp,

                  i have comment out the validation lines for the 3 Server in the diag_logs_settings.php. Setup on setting page for syslog, to remote logging on my splunk server to port 10555 and it works.

                  Valle

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    I added a fix on master (2.1) so it will work on future versions.

                    https://github.com/bsdperimeter/pfsense/commit/4a8a90ffa6b698feed7ecf4ec235ffb1ad853d4b

                    Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • S
                      scubes13
                      last edited by

                      I noticed the code looks for specifically for an IP. I have commented out the code suggested to the OP and I am able to work using both a port and a DNS entry.

                      Is there a way to enable it to allow for DNS entries in the future?

                      Thanks.

                      EDIT

                      After posting, I stumbled upon the following Redmine ticket: http://redmine.pfsense.org/issues/1544
                      It appears hostnames will be enabled in 2.1

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.