 Ground0Little Endian
join:2003-01-26
Los Angeles, CA |
to callihn4
Re: FVS318 Syslog On RH and No-IP.comsaid by callihn4:
...remote syslog work with RH and be able to set the type...
Not quite sure what you mean here callihn!!! What is RH? Is this some sort of a syslog client that you are trying to setup for the router (remotely!!!) or is it some reference to another router? As for support for other DDNS providers, such as no-ip.com etc, I guess you'll have to contact Netgear directly in this matter. I guess there have been significant inroads already since the FVS318 supports TZO DDNS service in its latest Firmware avatar...  |
|
ty_webb
join:2002-11-26
Plainfield, CT |
I'm pretty sure he means Red Hat. Also there is a "no-ip.com" DynamicDNS, I just Googled it. |
|
Ground0Little Endian
join:2003-01-26
Los Angeles, CA |
said by Ground0:
As for support for other DDNS providers, such as no-ip.com etc, I guess you'll have to contact Netgear directly in this matter.
What I meant in this earlier post was that the router does not support the "no-ip.com" Dynamic DNS provider, although things are improving since the router now also supports DDNS service from TZO. As for setting up syslogs on Redhat I think the attached document should be of some help here..... |
|
 stefaanE
Premium Member
join:2002-07-10
9657
|
stefaanE
Premium Member
2003-Apr-21 12:35 pm
said by Ground0:
As for setting up syslogs on Redhat I think the attached document should be of some help here.....
The problem being that the FVS318 doesn't have this type of menu. The facility code used by the FVS318 for connections to and from the LAN is USER, the level is INFO. To capture them in a separate logfile, use:
user.info -/var/log/fvs318
Obviously, you'll capture all the other user.info messages in the same file. For "serious stuff", such as the connections it rejects, the blocked sites or ports, it uses DAEMON.ALERT. AFAIK, there's no way to change the facility code or level in the FVS318 syslog messages. Take care, Stefaan |
|
| |
to Ground0
Thanks, I'll give that a shot, The router setup was the part I hadn't seen. |
|
callihn4
|
to ty_webb
said by ty_webb:
I'm pretty sure he means Red Hat. Also there is a "no-ip.com" DynamicDNS, I just Googled it.
Yea, Redhat or any other *nix. Yes it is here: » www.no-ip.com/It looks to me that the only services they are including are paid services, which they are getting a kickback on. |
|
| callihn4 |
to Ground0
Regarding those instructions:
"First thing to do it to telnet into the router, which is usually 192.168.0.1"
That's port 1998 BTW
"goto the "system maintenance" menu,"
Anyone care to point that out for me?
ROUTER SETTINGS
a). ROUTER IP ADDRESS
b). ROUTER SUBNET MASK
c). ROUTER NAME
d). ROUTER PASSWORD
e). WAN ETHERNET MAC ADDR.
f). WAN ETHERNET SETTINGS
g). ASYNC PORT SETTINGS
h). ROUTER DNS IP ADDRESS
i). LAN DHCP SERVER
j). VIRTUAL SERVER
k). ROUTING TABLE
l). CLIENT FILTER SETTINGS
m). LOAD DEFAULT SETTINGS
n). SAVE AND RESTART SERVER
o). DIAGNOSTIC
q). QUIT |
|
| callihn4 |
to stefaanE
That's what I thought.
Thanks |
|
| callihn4 |
to stefaanE
Attempting to send DAEMON.ALERT to /var/log/FVS318 does nothing either.
So back to my point:
It is a POS! |
|
stefaanE
Premium Member
join:2002-07-10
9657 |
to callihn4
said by callihn4:
It looks to me that the only services they are including are paid services, which they are getting a kickback on.
DynDNS.org is free, unless you want to use your own domain name (and then it's just a one-time $30 fee). I'm quite sure they don't pay any kick-backs to Netgear. Take care, Stefaan |
|
| stefaanE |
to callihn4
said by callihn4:
Attempting to send DAEMON.ALERT to /var/log/FVS318 does nothing either.
In my case it works quite well:
# tail /var/log/hacker
Apr 24 08:20:07 vpnrouter vpnrouter Hacker Log[29416]:PROTO_TCP, SIP:217.21.115.3: 1228, DIP:213.135.228.175: 1080, socks proxy
Apr 24 08:20:21 vpnrouter vpnrouter Hacker Log[29422]:PROTO_TCP, SIP:217.21.115.3: 1229, DIP:213.135.228.175: 6588, Suspicious TCP Data
Apr 24 08:43:05 vpnrouter vpnrouter Hacker Log[29535]:PROTO_TCP, SIP:61.48.58.150: 4526, DIP:213.135.228.175: 445, SMB
# tail /var/log/router
Apr 24 09:45:28 vpnrouter vpnrouter [29945]:TCP(16555) Dest IP :213.135.228.175, Src IP :x.x.x.x
Apr 24 09:45:28 vpnrouter vpnrouter [29946]:POP3(110) Dest IP :x.x.x.x, Src IP :192.168.1.1
Apr 24 09:45:29 vpnrouter vpnrouter [29947]:TCP(16712) Dest IP :213.135.228.175, Src IP :x.x.x.x
Here are the relevant lines from my syslog.conf:
#
# Router messages arrive as USER.INFO and DAEMON.ALERT
#
user.info -/var/log/router
daemon.alert -/var/log/hacker
Don't forget to kill -HUP syslogd after you change the config file. Take care, Stefaan |
|
| |
AHhhhhhhhhhh! I had it in uppercase. DOH!!!
Thanks
BTW, In case anyone want to know the Blocked Sites log appears to use local14. |
|
