OPNsense Forum
Archive => 20.7 Legacy Series => Topic started by: sorro on August 19, 2020, 11:00:26 am
-
I am on 20.7.1 and only been using opnsense for a few weeks so still learning.
I want to push all my logs via syslog-ng to another host and after setting this up they worked fine for a day but since about 3 days ago when I updated/rebooted to 20.7.1 no more logs have appeared remotely.
I am not sure if there was a problem with the update or whether I have misconfigured something. The remote host syslog-ng process is healthy and syslog service port open in firewall.
If anyone has pointers on what to check that would be appreciated.
Local Logging Options
Disable circular logs 🗹
Preserve logs (Days)
Log Firewall Default Blocks
🗹 Log packets matched from the default block rules put in the ruleset
Log packets matched from the default pass rules put in the ruleset
🗹 Log packets blocked by 'Block Bogon Networks' rules
🗹 Log packets blocked by 'Block Private Networks' rules
Web Server Log 🗹 Log errors from the web server process.
Local Logging 🗹 Disable writing log files to the local disk
-
Three days ago I upgraded our firewalls to 20.7.1-amd64.
Since then all logs on the firewall have frozen. When updating log settings syslog-ng core-dumps on a signal 11 (segment violation)!
-
20.7.2 will deliver a fixed version
-
Also noticed this crash with syslog-ng.
-
Hi,
This version should get rid of the crashes for now.
# pkg add -f https://pkg.opnsense.org/FreeBSD:12:amd64/20.7/misc/syslog-ng327-3.27.1_2.txz
It will be part of 20.7.2 and we are discussing with the authors of syslog-ng what can be done about it.
Cheers,
Franco
-
I have tried the new package, and it no longer seems to crash, which is good.
However, after disabling circular logging, it still generates these messages:
Aug 20 09:29:47 haanjdj.ddns.net syslog-ng[6085]: Destination timeout has elapsed, closing connection; fd='27'
-
I have tried the new package, and it no longer seems to crash, which is good.
However, after disabling circular logging, it still generates these messages:
Aug 20 09:29:47 haanjdj.ddns.net syslog-ng[6085]: Destination timeout has elapsed, closing connection; fd='27'
Same here. And thanks @franco.
2020-08-22T12:11:32 syslog-ng[21334] Destination timeout has elapsed, closing connection; fd='28'
2020-08-22T12:11:03 syslog-ng[21334] Destination timeout has elapsed, closing connection; fd='27'
2020-08-22T12:10:56 syslog-ng[21334] Destination timeout has elapsed, closing connection; fd='7'
2020-08-22T12:09:56 syslog-ng[21334] Destination timeout has elapsed, closing connection; fd='7'
2020-08-22T12:08:56 syslog-ng[21334] Destination timeout has elapsed, closing connection; fd='28'
2020-08-22T12:08:51 syslog-ng[21334] Destination timeout has elapsed, closing connection; fd='7'
2020-08-22T12:07:51 syslog-ng[21334] syslog-ng starting up; version='3.27.1'
-
I have the same errors
Destination timeout has elapsed, closing connection; fd=xx
-
This is just cosmetic as syslog in general works
-
For me it was causing acme-client plugin. I had a newer installation so I upgraded it to 20.7 and everything worked fine. Then I installed acme-client and I had a few issues. I couldn't get a certificate, there were also some php warnings and the syslog-ng started to crash. I tried restart opnsense several times (also with Let's encrypt plugin disable) and after every restart syslog-ng crashed and couldn't be started. So I tried to remove the acme-plugin and after restart syslog-ng was working again. I tried another testing restart and syslog-ng was still working. So the problem was acme-plugin (some of its dependencies probably) which have some problem with syslog-ng.