SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0001489: Remote syslog not working - MantisBT
MantisBT - Endian Firewall
View Issue Details
0001489Endian FirewallOther Servicespublic2008-11-28 00:142009-10-27 12:01
suk1 
peter-endian 
normalmajoralways
closedfixed 
2.2-rc3 
2.3 
0001489: Remote syslog not working
I have a windows box configured as a syslogger on 10.0.0.10 port 514 which I know to be working correctly.

I have a endian fw box (virtulaized on vmware workstation with 2 network interfaces - green [10.0.0.1] and red [192.168.0.1]). On Endian I have set the syslog settings to Remote with the ip address of the syslogger 10.0.0.10.

I am not recieving any syslog message from the Endian box.... I can ping the syslogger from the Endian box no problem....I have only one firewall rule which is allow any to any.
No tags attached.
parent of 0001565closed peter-endian RecursiveNull object is not comparable 
Issue History
2008-11-28 00:14suk1New Issue
2008-12-09 20:49peter-endianNote Added: 0001855
2008-12-11 05:53fugaziNote Added: 0001864
2008-12-17 09:56StephCoNote Added: 0001882
2009-02-14 16:38marcusNote Added: 0001963
2009-02-14 18:07marcusNote Added: 0001964
2009-02-14 18:09marcusNote Deleted: 0001963
2009-02-15 06:11fugaziNote Added: 0001965
2009-02-16 14:41peter-endianNote Added: 0001969
2009-02-16 14:41peter-endianAssigned To => peter-endian
2009-02-16 14:41peter-endianStatusnew => confirmed
2009-02-16 14:46peter-endianIssue cloned: 0001565
2009-02-16 14:46peter-endianRelationship addedparent of 0001565
2009-02-19 17:05peter-endianStatusconfirmed => resolved
2009-02-19 17:05peter-endianFixed in Version => 2.3
2009-02-19 17:05peter-endianResolutionopen => fixed
2009-10-27 12:01peter-endianStatusresolved => closed

Notes
(0001855)
peter-endian   
2008-12-09 20:49   
It's working for us with linux boxes.

It's UDP, are you aware of that?

Can you capture traffic on your windows box in order to check if syslog packets arrive? They should..

Did not try to receive packets on a windows event logger. However that should also work.
(0001864)
fugazi   
2008-12-11 05:53   
Hi

I have the same problem as suk1. Have a centos 4.7 box that I log too. Use to work with Endian 2.1.2 but no with 2.2 rc3. I have restored from a 2.1.2 backup don't know if that might be the problem
(0001882)
StephCo   
2008-12-17 09:56   
same problem too on a fresh installation of 2.2RC3 (no update, no restore)
Syslog works fine on previous versions
One green, same lan 192.168.1.0/24 than my syslog windows station
(0001964)
marcus   
2009-02-14 18:07   
After working deeper into the problem I could solve the issue by the following:

- mkdir /var/efw/ha (wasn't there before)
- echo "HA_ENABLED=off" >> /var/efw/ha/settings
- chown -R nobody:nobody /var/efw/ha

Maybe it helps someone else...
(0001965)
fugazi   
2009-02-15 06:10   
Yeap this solution fix the problem for me.

Remote logging is not working :-)
(0001969)
peter-endian   
2009-02-16 14:41   
wow. nice one!

Seems that in last time we have more bugs which happen only on versions with some enterprise parts missing

However this is a really nice one. The problem is within the RecursiveNull class of Cheetah.

Your workaround certainly works also.