Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a syslog server logging to another server, but the other server is not getting the messages. There is a service listening on the correct interface and port. If I tcpdump at the interface I see the packets getting to the machine, but past the interface I cannot see the packets. There is an iptables firewall on the machine. The firewall has a rule set up to allow the packets in, but the packets are not reaching the firewall ( that is, not being accepted, denied, or logged). Dropping the firewall, the app still does not see the packets. Removing the app and just listening with netcat does not see the packets. I tried moving the wire to another machine, and the other machine received the messages just fine. I tried a different interface card, but still the same problem. This leaves the operating system and environment. I checked sysctl fields I am familiar with, but there are a lot of them. Any ideas welcome!
Just a quick thought, is there another service, possibly in (x)inetd, that is listening on the same port and taking in all the data? I was going to ask also if you had a firewall rule that drops the packets before it gets to the accept rule, but you said it worked without the firewall so that's probably not it either.
Netstat confirms no other apps are listening on the port. Good suggestion though. I am positive the firewall is not the problem since I have tried it with the firewall off.
Since it sounds like it should be working, just to be sure I think you can set up a simple log rule for iptables. Take the accept line for these packets and right above it in your firewall script add a line to log, kind of like this:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.