[Ninux-Calabria] openWRT remote syslog

Giuseppe De Marco demarcog83 a gmail.com
Sab 8 Ago 2015 00:37:01 CEST 

Il 8 agosto 2015 00:25, Giuseppe De Marco <demarcog83 a gmail.com> ha scritto:
> Appunti di configurazioni.
> Sovente serve di loggare tutta l'attività di un router su un server
> centralizzato, così da gestire in un'unica soluzione tanti logs,
> magari con servizi di sintesi via web, come loganalyzer.
>
> Sul server abilitiamo l'accesso, pro-tip: meglio se rinforzato con
> iptables. pro-tip-2: meglio se in VPN.
>
> [conf]
> cat /etc/rsyslog.d/openwrt_remote_syslog.conf
>
> $ModLoad imudp
> $UDPServerRun 514
> :fromhost-ip, isequal, "10.87.7.198" /var/log/openwrt_remote_syslog.log
> & ~
> [/conf]
>
> [conf router]
> root a OpenWrt:~# cat /etc/config/system
>
> config system
> option hostname 'OpenWrt'
> option zonename 'Europe/Rome'
> option timezone 'CET-1CEST,M3.5.0,M10.5.0/3'
> option log_ip '10.87.7.27'
> option conloglevel '8'
> option cronloglevel '8'
>
> [/conf router]
>
> [rlog]
> root a maker:/media/wert/storage1/OpenWRT/UniWRT/bb# tail -f
> /var/log/openwrt_remote_syslog.log
> Aug  8 00:16:14 10.87.7.198 dnsmasq-dhcp[1502]: DHCP, IP range
> 192.168.1.100 -- 192.168.1.249, lease time 12h
> Aug  8 00:16:14 10.87.7.198 dnsmasq[1502]: using local addresses only
> for domain lan
> Aug  8 00:16:14 10.87.7.198 dnsmasq[1502]: reading /tmp/resolv.conf.auto
> Aug  8 00:16:14 10.87.7.198 dnsmasq[1502]: using local addresses only
> for domain lan
> Aug  8 00:16:14 10.87.7.198 dnsmasq[1502]: using nameserver 10.87.7.1#53
> Aug  8 00:16:14 10.87.7.198 dnsmasq[1502]: read /etc/hosts - 1 addresses
> Aug  8 00:16:14 10.87.7.198 dnsmasq[1502]: read /tmp/hosts/dhcp - 1 addresses
> Aug  8 00:16:14 10.87.7.198 dnsmasq-dhcp[1502]: read /etc/ethers - 0 addresses
> Aug  8 00:20:57 10.87.7.198 dropbear[1706]: Child connection from
> 10.87.7.27:39838
> Aug  8 00:21:02 10.87.7.198 dropbear[1706]: Password auth succeeded
> for 'root' from 10.87.7.27:39838
> [/rlog]
>
> In pratica nella customizzazione di busybox ho rimosso logger e ho
> compilato syslogd con i dovuti supporti. Funziona a dovere.

per l'appunto

#
# System Logging Utilities
#
CONFIG_BUSYBOX_CONFIG_SYSLOGD=y
# CONFIG_BUSYBOX_CONFIG_FEATURE_ROTATE_LOGFILE is not set
CONFIG_BUSYBOX_CONFIG_FEATURE_REMOTE_LOG=y
# CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOGD_DUP is not set
CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOGD_CFG=y
CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOGD_READ_BUFFER_SIZE=256
# CONFIG_BUSYBOX_CONFIG_FEATURE_IPC_SYSLOG is not set
# CONFIG_BUSYBOX_CONFIG_FEATURE_KMSG_SYSLOG is not set
# CONFIG_BUSYBOX_CONFIG_KLOGD is not set
# CONFIG_BUSYBOX_CONFIG_LOGGER is not set

Maggiori informazioni sulla lista Calabria