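I am rebuilding my Raspberry Pi from scratch, following the documentation I have kept on installation and configuration so that I can rebuild the system quickly. In this case I am using Raspbian Lite - Buster.
One of the packages I use is syslog-ng. I have a configuration file that I used on previous versions, and it worked fine. I only needed to add the @version header to the file, as this is now a requirement.
In the file I open up the box to accept syslog messages from the network so that I can configure other machines to log to it...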
source s_net { udp(ip(0.0.0.0) port(514)); };
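With this configuration, the syslog-ng service fails to start when the Pi boots. Enabling debug logging by editing the service shows the error message "Error resolving hostname; host='0.0.0.0'". This prevents the service from running, but after boot, if I log in and start the service manually, it starts fine.
What is the problem here? Is it because the network is not ready yet when it tries to start?
Config as requested: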
@version: 3.19
# Options
# =======
# Turn off the annoying MARK messages
options { mark_freq(0); };
# Sources
# =======
# Open up the PI to accept syslog messages from any network connection on port 514 (syslog)
source s_net { udp(ip(127.0.0.1) port(514)); };
# OpenVPN log file
source s_openvpn_log { file("var/log/openvpn.log" follow-freq(1)); };
# Destinations
# ============
# Log messages from the sky router
destination d_router { file("/var/log/router.log"); };
# Email alerts
destination d_emailalerts { program("/etc/syslog-alert.sh" template("$MSG\n") ); };
destination d_vpn_incoming_emailalerts { program("/etc/syslog-alert.sh" template("Incoming OpenVPN connection from ${sky.c13}\n") ); };
# Filters
# =======
# Filter for the Sky Router
filter f_router { host( "192.168.0.1" ); };
# Filters for email alerts
filter f_openvpn_connection { message( "OpenVPNIN=ptm0.1 OUT= " ); };
filter f_openvpn_connected { message( "Peer Connection Initiated with [AF_INET]" ); };
filter f_sshd { program( "sshd" ); };
filter f_login_events { message( "Accepted password|Accepted publickey|login successful|failed to log in|Failed password" ); };
# Filters for warning messages (red dmesg)
filter f_red_dmesg { level(warn) and not facility(auth,authpriv,cron,daemon,mail,news); };
# Parsers
# =======
# Parser for the Sky Router log messages
parser p_router_msg { csv-parser( columns("sky.c1","sky.c2","sky.c3","sky.c4","sky.c5","sky.c6","sky.c7","sky.c8","sky.c9","sky.c10","sky.c11","sky.c12","sky.c13") delimiters(" ") ); };
# Rules
# =====
# Log messages from the network for the sky router to the router log file destination
log { source(s_net); filter(f_router); destination(d_router); };
# Send an alert for OpenVPN messages in the sky router syslog messages
log { source(s_net); filter(f_router); filter(f_openvpn_connection); parser(p_router_msg); destination(d_vpn_incoming_emailalerts); };
# Send an alert for someone logging into the sky router
log { source(s_net); filter(f_router); filter(f_login_events); destination(d_emailalerts); };
# Send an alert for a user logging in to SSH terminal
log { source(s_src); filter(f_sshd); filter(f_login_events); destination(d_emailalerts); };
# Send connection events from the openvpn log file
log { source(s_openvpn_log); filter(f_openvpn_connected); destination(d_emailalerts); };
# Send email alerts for any errors
log { source(s_src); filter(f_red_dmesg); destination(d_emailalerts); };
Netstat as requested:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:34771 0.0.0.0:* LISTEN 6736/Plex Plug-in [
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 461/dnsmasq
tcp 0 0 0.0.0.0:62966 0.0.0.0:* LISTEN 430/python
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 504/sshd
tcp 0 0 0.0.0.0:33400 0.0.0.0:* LISTEN 714/Plex Plug-in [c
tcp 0 0 127.0.0.1:32600 0.0.0.0:* LISTEN 677/Plex Tuner Serv
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 16597/nginx: master
tcp 0 0 0.0.0.0:8123 0.0.0.0:* LISTEN 18650/python3.6
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 515/smbd
tcp 0 0 127.0.0.1:58846 0.0.0.0:* LISTEN 430/python
tcp 0 0 0.0.0.0:33443 0.0.0.0:* LISTEN 714/Plex Plug-in [c
tcp 0 0 127.0.0.1:45635 0.0.0.0:* LISTEN 618/Plex Plug-in [c
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 515/smbd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 16597/nginx: master
tcp 0 0 0.0.0.0:8112 0.0.0.0:* LISTEN 585/python
tcp 0 0 127.0.0.1:45713 0.0.0.0:* LISTEN 714/Plex Plug-in [c
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN 453/Plex Media Serv
tcp 0 1 192.168.0.10:48838 192.168.0.56:80 SYN_SENT -
tcp 0 1 192.168.0.10:49956 192.168.0.54:80 SYN_SENT -
tcp 1 0 127.0.0.1:44682 127.0.0.1:45635 CLOSE_WAIT 677/Plex Tuner Serv
tcp 0 0 192.168.0.10:43146 82.4.2.106:32400 ESTABLISHED 453/Plex Media Serv
tcp 0 1 192.168.0.10:44806 192.168.0.50:80 SYN_SENT -
tcp 0 0 192.168.0.10:445 192.168.0.102:40834 ESTABLISHED 6746/smbd
tcp 309 0 192.168.0.10:41560 192.168.0.100:8001 ESTABLISHED 18650/python3.6
tcp 0 1 192.168.0.10:52512 192.168.0.47:80 SYN_SENT -
tcp 0 0 192.168.0.10:37582 99.80.242.242:443 CLOSE_WAIT 677/Plex Tuner Serv
tcp 0 1 192.168.0.10:46036 192.168.0.49:80 SYN_SENT -
tcp 0 1 192.168.0.10:55410 192.168.0.43:80 SYN_SENT -
tcp 0 0 192.168.0.10:38616 192.168.0.186:32400 ESTABLISHED 453/Plex Media Serv
tcp 0 1 192.168.0.10:42542 192.168.0.46:80 SYN_SENT -
tcp 0 0 192.168.0.10:50288 139.162.219.82:443 ESTABLISHED 453/Plex Media Serv
tcp 0 0 192.168.0.10:50080 192.168.0.154:8009 ESTABLISHED 18650/python3.6
tcp 0 1536 192.168.0.10:22 192.168.0.186:5534 ESTABLISHED 9125/sshd: pi [priv
tcp 1 0 127.0.0.1:44684 127.0.0.1:45635 CLOSE_WAIT 677/Plex Tuner Serv
tcp 0 1 192.168.0.10:33642 192.168.0.48:80 SYN_SENT -
tcp 0 0 192.168.0.10:51014 99.81.213.165:80 TIME_WAIT -
tcp 0 1 192.168.0.10:40066 192.168.0.51:80 SYN_SENT -
tcp 0 1 192.168.0.10:44180 192.168.0.40:80 SYN_SENT -
tcp 0 1 192.168.0.10:58806 192.168.0.55:80 SYN_SENT -
tcp 0 0 192.168.0.10:445 192.168.0.186:3025 ESTABLISHED 30277/smbd
tcp6 0 0 :::53 :::* LISTEN 461/dnsmasq
tcp6 0 0 :::62966 :::* LISTEN 430/python
tcp6 0 0 :::22 :::* LISTEN 504/sshd
tcp6 0 0 :::445 :::* LISTEN 515/smbd
tcp6 0 0 :::139 :::* LISTEN 515/smbd
tcp6 0 0 :::32400 :::* LISTEN 453/Plex Media Serv