Problem: Trying to isolate the issue preventing one of our BlueSocket routers from logging to a FreeBSD syslog box. The one that is not logging has identical logging settings to the other but is on a DMZ segment, so I believe it is either a Firewall issue or a bug with the BlueSocket ( different firmware version ) at this point. Nonetheless, I am submitting my syslog settings to eliminate that possibility.
Here's the pertinent part of my syslog.conf:
*.err;kern.warning;auth.notice;mail.crit /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
security.* /var/log/security
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
*.=debug /var/log/debug.log
*.emerg *
!ppp
*.* /var/log/ppp.log
!*
+bluesocketWPL
local1.* /var/log/bluesocketWPL.log
+bluesocketML
local0.* /var/log/bluesocketML.log
bluesocketML logs just fine regardless of position in file or interface set.
I've looked at the man pages and docs for syslog ...this looks right to me. This seems all the more obvious as the order of the entries makes no change in result.
Thanks for any thoughts you may have ....in advance.
Bubnoff
PS: Checked perms on files in question. Identical.
** UPDATE **
As per Chris' tip I ran a tcpdump for the hosts in question, looking for syslog traffic.
tcpdump -i bge0 host bluesocketML or host bluesocketWPL and port syslog
One WAP comes in loud and clear ...the other, nothing. I can ping it ...it can ping me. Thinking that it must be a firewall issue on the device or on our firewall. We are connected by VPN in both cases. VPN policies seem whorish enough to me, but that seems like the next place to look.
A firewall rule at that branch + a reboot fixed the issue.