Syslog server not displaying sonic wall firewall logs - centos

We have configured syslog in the sonic wall firewall... in the firewall, packets are being forwarded to the syslog server, which is CentOS,
but on the syslog server we are unable to find out where the logs have been stored.

Sounds like you want to know where CentOS stores the syslog messages? If so, check:
/var/log
/var/log/messages

Related

Send logs using TLS over TCP to remote syslog server

I am a newbie to the implementation of TLS over TCP.
I am using winsock to send TCP packets to remote syslog server just like the example given here:
https://learn.microsoft.com/en-us/windows/win32/winsock/complete-client-code
Now I want to use TLS over TCP. I have configured rsyslog on my CentOS machine (syslog server) according to these steps: https://www.golinuxcloud.com/secure-remote-logging-rsyslog-tls-certificate/
But the above link gives information about sending logs from one syslog server to another syslog server. I need to send logs from my application [cpp socket programming] to a remote syslog server.
Can someone please help me with how I should achieve this? Do I need to store any certificate where my application is running, or how should I set up TLS over TCP from my application to the remote syslog server?

CentOS iptables and port configuration for using external SMTP server

I have a web server running CentOS and a separate mail server running Microsoft Exchange. I have the web server connecting to the mail server via SMTP on port 587 to send emails.
Sometimes the connection to the mail server is refused, but it's rare. Could an intermittent failure be related to port settings? I would have thought it's all or nothing.
For the CentOS web server, what rules should I be looking to configure in the iptables if any? Do I need to add an entry for port 587 on this server? Or do I just need to allow incoming connections on the mail server for 587?
Thanks in advance.

You don't need to set up any iptables rules on your webserver, since outgoing connections are allowed by default. Your occasional drops won't have anything to do with the webserver's firewall, so you'll want to look at tuning your Exchange server, if the error is impactful enough to worry about it.

Can send mail but can't receive SMTP failure

I've got a dedicated server to run all my sites from.
I created a domain and updated all DNS records to this server. Everything is fine and propagated; however, when I try to receive mail nothing happens, but it can send.
I went to dnsstuff.com and this is the error I got...
All connections to Mailservers port 25 have failed. The standard port
for SMTP transactions is 25, so your servers should be operating on
that port. It is recommended that it be fixed in order for your mail
service to operate properly. The Mail Servers that failed are:
xx.xxx.xxx.xxx | failed message send with: failed cx open with: failed socket connect with: Operation now in progress
/*****************
UPDATE
*****************/
Running a Linux box using CentOS.
The mailserver being used is, I believe, Postfix.
How do I fix this problem?

Check your firewall configuration on your server. If you can send from localhost (that is, directly from your server), but mail can't be delivered from remote servers to your box, your firewall is the best bet to look at. Basically port 25 should be open to any IP. It's hard to give you specific details on how to configure your firewall, as you do not specify your OS and distribution. Most Linux distros run some flavour of iptables. If iptables is what you have, you could try this command from the command line:
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
Before you open up your firewall, you might want to dive into configuring Postfix. It would not be nice to the rest of the world if you started running an open relay. That will get your server blacklisted in no time. This article on the Postfix website will give you a decent start.
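
The effect of rule order on the iptables command above, as an added example that is not part of the original answer: `iptables -A` appends, so on a chain that already ends in a catch-all REJECT the new port 25 rule is never reached. The rulesets are constructed samples, and `first_match` is a hypothetical, simplified first-match evaluator that understands only `-i lo`, `--state`, `-p` and `--dport` and does not follow jumps to other chains.

```shell
#!/bin/sh
# Constructed sample: `iptables -S INPUT` output for a chain that ends in a
# catch-all REJECT, after the port 25 rule was appended with -A.
RULES_APPENDED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT'

# Constructed sample: same chain with the rule inserted ahead of the REJECT
# (for example with `iptables -I INPUT 4 -p tcp --dport 25 -j ACCEPT`).
RULES_INSERTED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# first_match RULES PORT: print the target that decides a NEW inbound TCP
# connection to PORT arriving on a non-loopback interface.
first_match() {
    port=$2; policy=ACCEPT; result=
    while IFS= read -r rule; do
        case $rule in
            "-P INPUT "*) policy=${rule#"-P INPUT "}; continue ;;
            "-A INPUT "*) ;;
            *) continue ;;
        esac
        # Skip rules that cannot match a new remote TCP connection to PORT.
        case " $rule " in
            *" -i lo "*|*" -p udp "*|*" -p icmp "*) continue ;;
            *"--state RELATED,ESTABLISHED"*) continue ;;
            *" --dport "*)
                case " $rule " in *" --dport $port "*) ;; *) continue ;; esac ;;
        esac
        target=${rule##*" -j "}; target=${target%% *}
        # The first terminating target wins; later rules are never consulted.
        case $target in ACCEPT|DROP|REJECT) result=$target; break ;; esac
    done <<EOF
$1
EOF
    echo "${result:-$policy}"
}

echo "appended (-A): port 25 -> $(first_match "$RULES_APPENDED" 25)"
echo "inserted (-I): port 25 -> $(first_match "$RULES_INSERTED" 25)"
```

On a live host the same check can be run against the output of `iptables -S INPUT`.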

Connection failed in QuteCom SIP client

I have chosen the QuteCom SIP client for Windows to chat. I have installed and configured the account with my public server. My SIP server is kamailio. The connection to the server is not established. The application is connecting to the server for a long time.
Any help is appreciated.

If it looks like it keeps connecting, then I guess the SIP messages don't get to the server.
You can install Wireshark to monitor traffic on windows host on port 5060 (the SIP port) in order to see if SIP messages are sent to the server.
On server, you can install ngrep for the purpose of seeing if traffic from the phone comes there. The command would be like:
ngrep -d any -qt -W byline port 5060
If you don't see traffic coming to the SIP server, then there might be a firewall or an ALG between the client and the server, or a firewall even on the client host or the server itself.
If it is something in between (not on client host or server), then you should try to use TCP or better TLS.
Note that if you have the firewall on the server, you will see the SIP packets coming on the network, but they will be dropped by the kernel before getting to application layer. Typically on Linux you can see the firewall rules with:
iptables -L
If the SIP packets come to the server, then set debug=3 in kamailio.cfg, restart kamailio and watch the syslog file (e.g., /var/log/syslog or /var/log/messages) for kamailio-specific debug messages -- you should get hints of what happens during processing.

Sendmail is unable to send letters to the internet (only local mail is being sent)

I'm using CentOS 5 and sendmail on an intranet server. Local mail is being delivered perfectly, but when I try to deliver email to gmail, for example (or any other service outside the intranet), I find the following errors in my logs:
Jan 16 16:50:32 testlink sendmail[27713]: r0GCoVi5027711: to=<example#gmail.com>,
ctladdr=<webdev#testlink.ru.corp.domain.com> (502/502), delay=00:00:01,
xdelay=00:00:01, mailer=esmtp, pri=120332, relay=alt4.gmail-smtp-in.l.google.com.
[173.194.68.27], dsn=4.0.0, stat=Deferred:
Connection refused by alt4.gmail-smtp-in.l.google.com.
One more important thing: the server is not accessible from the internet, but I can access the internet from my server.
Please advise where I should search for the problem. I understand that I should set up sendmail somehow (currently I'm using the default configuration that was set by yum), but what settings (or at least direction)... Thanks in advance!

Run ifconfig on the command line. Perhaps something is wrong with your IP.
Also look into iptables -L
netstat -nap should have a string
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 5275/sendmail
Check if the provider blocks port 25:
telnet smtp.ukr.net 25