Author
Message
Rickers DD-WRT User Joined: 10 May 2015 Posts: 106
Posted: Thu Aug 18, 2022 20:08 Post subject: How to get klog output send to remote syslog server
Hi,
I turned on syslog, klog, and firewall logging and can see the firewall messages in /var/log/messages.
But, they don't get sent to my remote logging console (the syslog messages do get sent).
Is there a way to get these klog messages sent as well to the remote?
Regards, Rick
Build 49741 on WRT1900ACv1
Back to top
Sponsor
Alozaros DD-WRT Guru Joined: 16 Nov 2015 Posts: 6445 Location: UK, London, just across the river..
Posted: Fri Aug 19, 2022 9:19 Post subject:
https://wiki.dd-wrt.com/wiki/index.php/Logs
i use 'syslog server' pointed to one of my local PC IP
i do get all the messages...usually ...
but, if you select firewall messages to medium or high syslog will be flooded... _________________Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top
Rickers DD-WRT User Joined: 10 May 2015 Posts: 106
Posted: Sat Aug 20, 2022 5:36 Post subject:
Alozaros wrote: https://wiki.dd-wrt.com/wiki/index.php/Logs
i use 'syslog server' pointed to one of my local PC IP
i do get all the messages...usually ...
but, if you select firewall messages to medium or high syslog will be flooded...
Those instructions don't mention you need to enable klogd separately. My issue is that the klogd/firewall messages only appear in /var/log/messages. They don't get sent to the remote IP (via syslog I'm guessing?).
If I, say, drop the VPN and bring it back up, the related messages for that do get sent to my remote listener (I'm just using netcat listening on UDP port 514 just to play around with this).
Can you confirm if you're getting firewall message sent to the remote IP with the latest build?
Regards, Rick
Back to top
Rickers DD-WRT User Joined: 10 May 2015 Posts: 106
Posted: Sat Aug 20, 2022 6:41 Post subject:
I got this to work on 49741. I had to reset to Factory Defaults and reapply my config manually.
However, I get a ton of ACCEPT message for UDP port 514 which is the logging itself...any clue how to stop that?
-Rick
Back to top