Forum Discussion
nitass
May 25, 2013Employee
should i create a pool with the syslog serveryes
e.g.
syslog server is 192.168.206.51:514
ssh client is 172.28.69.28
[root@ve10:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.252:22
ip protocol 6
rules myrule
}
[root@ve10:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto UDP -pool syslog_server_pool]
HSL::send $hsl "<190> client is [IP::client_addr]:[TCP::client_port]"
}
}
[root@ve10:Active] config b pool syslog_server_pool list
pool syslog_server_pool {
members 192.168.206.51:514 {}
}
[root@ve10:Active] config tcpdump -nni 0.0 -s0 port 514 -X
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 65535 bytes
21:14:15.436158 IP 172.28.19.253.53360 > 192.168.206.51.514: SYSLOG local7.info, length: 34 out slot1/tmm0 lis=
0x0000: 0ffe 0800 4500 003e b49e 0000 ff11 b81a ....E..>........
0x0010: ac1c 13fd c0a8 ce33 d070 0202 002a 830d .......3.p...*..
0x0020: 3c31 3930 3e20 636c 6965 6e74 2069 7320 <190>.client.is.
0x0030: 3137 322e 3238 2e36 392e 3238 3a33 3734 172.28.69.28:374
0x0040: 3831 0114 0000 0000 0000 0000 0000 0000 81..............
0x0050: 0000 0000 0000 0000 ........