Forum Discussion
nitass
Feb 12, 2013Employee
udp syslog seems working fine.
[root@ve10:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.252:80
ip protocol 6
rules myrule
profiles {
http {}
tcp {}
}
}
[root@ve10:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto UDP -pool loghost]
}
when HTTP_REQUEST {
set host [HTTP::host]
set uri [HTTP::uri]
}
when HTTP_RESPONSE {
HSL::send $hsl "<190> [IP::client_addr]:[TCP::client_port] $host $uri\n"
}
}
[root@ve10:Active] config b pool loghost list
pool loghost {
members {
200.200.200.101:514 {}
200.200.200.111:514 {}
}
}
[root@ve10:Active] config tcpdump -nni 0.0 port 514
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes
07:47:58.467764 IP 200.200.200.10.13874 > 200.200.200.101.514: SYSLOG local7.info, length: 42
07:48:01.220714 IP 200.200.200.10.13875 > 200.200.200.111.514: SYSLOG local7.info, length: 42
07:48:05.041582 IP 200.200.200.10.13876 > 200.200.200.101.514: SYSLOG local7.info, length: 42
07:48:06.635777 IP 200.200.200.10.13877 > 200.200.200.111.514: SYSLOG local7.info, length: 42
this is tcp syslog.
[root@ve10:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.252:80
ip protocol 6
rules myrule
profiles {
http {}
tcp {}
}
}
[root@ve10:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
set hsl [HSL::open -proto TCP -pool loghost]
}
when HTTP_REQUEST {
set host [HTTP::host]
set uri [HTTP::uri]
}
when HTTP_RESPONSE {
HSL::send $hsl "<190> [IP::client_addr]:[TCP::client_port] $host $uri\n"
}
}
[root@ve10:Active] config b pool loghost list
pool loghost {
members {
200.200.200.101:514 {}
200.200.200.111:514 {}
}
}
[root@ve10:Active] config tcpdump -nni 0.0 port 514
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes
07:50:15.016770 IP 200.200.200.10.13899 > 200.200.200.111.514: S 3784171141:3784171141(0) win 4380
07:50:15.017474 IP 200.200.200.111.514 > 200.200.200.10.13899: S 1437766692:1437766692(0) ack 3784171142 win 5840
07:50:15.017487 IP 200.200.200.10.13899 > 200.200.200.111.514: . ack 1 win 4380
07:50:15.017496 IP 200.200.200.10.13899 > 200.200.200.111.514: P 1:43(42) ack 1 win 4380
07:50:15.018565 IP 200.200.200.111.514 > 200.200.200.10.13899: . ack 43 win 46
07:50:16.746792 IP 200.200.200.10.13899 > 200.200.200.111.514: P 43:85(42) ack 1 win 4380
07:50:16.747472 IP 200.200.200.111.514 > 200.200.200.10.13899: . ack 85 win 46
07:50:17.442778 IP 200.200.200.10.13899 > 200.200.200.111.514: P 85:127(42) ack 1 win 4380
07:50:17.443470 IP 200.200.200.111.514 > 200.200.200.10.13899: . ack 127 win 46
07:50:18.040623 IP 200.200.200.10.13899 > 200.200.200.111.514: P 127:169(42) ack 1 win 4380
07:50:18.041676 IP 200.200.200.111.514 > 200.200.200.10.13899: . ack 169 win 46