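I am rebuilding my Raspberry Pi from scratch and documenting the installation and configuration as I go, so that I can quickly rebuild the system by following the documentation. In this instance I am using Raspbian Lite - Buster.
One of the packages I use is syslog-ng. I have a configuration file that I used on the previous version, and it worked great. I only had to add the @version header to the file, since that is now a requirement.
In that file I open up the box to accept syslog messages from the network, so that I can configure other machines to log to it.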
source s_net { udp(ip(0.0.0.0) port(514)); };
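With this configuration, the syslog-ng service fails to start when the Pi boots. If I edit the service to enable debug logging, I get the error message "Error resolving hostname; host='0.0.0.0'". This stops the service from running, but once the Pi has booted, if I log in and start the service manually, it starts fine.
Is there something wrong here? Is it because the network is not ready yet when it tries to start at boot?
Config, as requested: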
@version: 3.19
# Options
# =======
# Turn off the annoying MARK messages
options { mark_freq(0); };
# Sources
# =======
# Open up the PI to accept syslog messages from any network connection on port 514 (syslog)
source s_net { udp(ip(127.0.0.1) port(514)); };
# OpenVPN log file
source s_openvpn_log { file("/var/log/openvpn.log" follow-freq(1)); };
# Destinations
# ============
# Log messages from the sky router
destination d_router { file("/var/log/router.log"); };
# Email alerts
destination d_emailalerts { program("/etc/syslog-alert.sh" template("$MSG\n") ); };
destination d_vpn_incoming_emailalerts { program("/etc/syslog-alert.sh" template("Incoming OpenVPN connection from ${sky.c13}\n") ); };
# Filters
# =======
# Filter for the Sky Router
filter f_router { host( "192.168.0.1" ); };
# Filters for email alerts
filter f_openvpn_connection { message( "OpenVPNIN=ptm0.1 OUT= " ); };
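# Single quotes and escaped brackets so [AF_INET] is matched literally, not as a regex character class
filter f_openvpn_connected { message( 'Peer Connection Initiated with \[AF_INET\]' ); };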
filter f_sshd { program( "sshd" ); };
filter f_login_events { message( "Accepted password|Accepted publickey|login successful|failed to log in|Failed password" ); };
# Filters for warning messages (red dmesg)
filter f_red_dmesg { level(warn) and not facility(auth,authpriv,cron,daemon,mail,news); };
# Parsers
# =======
# Parser for the Sky Router log messages
parser p_router_msg { csv-parser( columns("sky.c1","sky.c2","sky.c3","sky.c4","sky.c5","sky.c6","sky.c7","sky.c8","sky.c9","sky.c10","sky.c11","sky.c12","sky.c13") delimiters(" ") ); };
# Rules
# =====
# Log messages from the network for the sky router to the router log file destination
log { source(s_net); filter(f_router); destination(d_router); };
# Send an alert for OpenVPN messages in the sky router syslog messages
log { source(s_net); filter(f_router); filter(f_openvpn_connection); parser(p_router_msg); destination(d_vpn_incoming_emailalerts); };
# Send an alert for someone logging into the sky router
log { source(s_net); filter(f_router); filter(f_login_events); destination(d_emailalerts); };
# Send an alert for a user logging in to SSH terminal
log { source(s_src); filter(f_sshd); filter(f_login_events); destination(d_emailalerts); };
# Send connection events from the openvpn log file
log { source(s_openvpn_log); filter(f_openvpn_connected); destination(d_emailalerts); };
# Send email alerts for any errors
log { source(s_src); filter(f_red_dmesg); destination(d_emailalerts); };
Netstat, as requested:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:34771 0.0.0.0:* LISTEN 6736/Plex Plug-in [
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 461/dnsmasq
tcp 0 0 0.0.0.0:62966 0.0.0.0:* LISTEN 430/python
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 504/sshd
tcp 0 0 0.0.0.0:33400 0.0.0.0:* LISTEN 714/Plex Plug-in [c
tcp 0 0 127.0.0.1:32600 0.0.0.0:* LISTEN 677/Plex Tuner Serv
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 16597/nginx: master
tcp 0 0 0.0.0.0:8123 0.0.0.0:* LISTEN 18650/python3.6
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 515/smbd
tcp 0 0 127.0.0.1:58846 0.0.0.0:* LISTEN 430/python
tcp 0 0 0.0.0.0:33443 0.0.0.0:* LISTEN 714/Plex Plug-in [c
tcp 0 0 127.0.0.1:45635 0.0.0.0:* LISTEN 618/Plex Plug-in [c
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 515/smbd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 16597/nginx: master
tcp 0 0 0.0.0.0:8112 0.0.0.0:* LISTEN 585/python
tcp 0 0 127.0.0.1:45713 0.0.0.0:* LISTEN 714/Plex Plug-in [c
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN 453/Plex Media Serv
tcp 0 1 192.168.0.10:48838 192.168.0.56:80 SYN_SENT -
tcp 0 1 192.168.0.10:49956 192.168.0.54:80 SYN_SENT -
tcp 1 0 127.0.0.1:44682 127.0.0.1:45635 CLOSE_WAIT 677/Plex Tuner Serv
tcp 0 0 192.168.0.10:43146 82.4.2.106:32400 ESTABLISHED 453/Plex Media Serv
tcp 0 1 192.168.0.10:44806 192.168.0.50:80 SYN_SENT -
tcp 0 0 192.168.0.10:445 192.168.0.102:40834 ESTABLISHED 6746/smbd
tcp 309 0 192.168.0.10:41560 192.168.0.100:8001 ESTABLISHED 18650/python3.6
tcp 0 1 192.168.0.10:52512 192.168.0.47:80 SYN_SENT -
tcp 0 0 192.168.0.10:37582 99.80.242.242:443 CLOSE_WAIT 677/Plex Tuner Serv
tcp 0 1 192.168.0.10:46036 192.168.0.49:80 SYN_SENT -
tcp 0 1 192.168.0.10:55410 192.168.0.43:80 SYN_SENT -
tcp 0 0 192.168.0.10:38616 192.168.0.186:32400 ESTABLISHED 453/Plex Media Serv
tcp 0 1 192.168.0.10:42542 192.168.0.46:80 SYN_SENT -
tcp 0 0 192.168.0.10:50288 139.162.219.82:443 ESTABLISHED 453/Plex Media Serv
tcp 0 0 192.168.0.10:50080 192.168.0.154:8009 ESTABLISHED 18650/python3.6
tcp 0 1536 192.168.0.10:22 192.168.0.186:5534 ESTABLISHED 9125/sshd: pi [priv
tcp 1 0 127.0.0.1:44684 127.0.0.1:45635 CLOSE_WAIT 677/Plex Tuner Serv
tcp 0 1 192.168.0.10:33642 192.168.0.48:80 SYN_SENT -
tcp 0 0 192.168.0.10:51014 99.81.213.165:80 TIME_WAIT -
tcp 0 1 192.168.0.10:40066 192.168.0.51:80 SYN_SENT -
tcp 0 1 192.168.0.10:44180 192.168.0.40:80 SYN_SENT -
tcp 0 1 192.168.0.10:58806 192.168.0.55:80 SYN_SENT -
tcp 0 0 192.168.0.10:445 192.168.0.186:3025 ESTABLISHED 30277/smbd
tcp6 0 0 :::53 :::* LISTEN 461/dnsmasq
tcp6 0 0 :::62966 :::* LISTEN 430/python
tcp6 0 0 :::22 :::* LISTEN 504/sshd
tcp6 0 0 :::445 :::* LISTEN 515/smbd
tcp6 0 0 :::139 :::* LISTEN 515/smbd
tcp6 0 0 :::32400 :::* LISTEN 453/Plex Media Serv
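
An added check, not part of the original post: the `message()` and `program()` filters in the configuration above are regular expressions, so a bracketed literal such as `[AF_INET]` is read as a character class unless it is escaped. The Python below approximates syslog-ng's unanchored regex matching with `re.search` (an assumption) and runs the login and OpenVPN patterns over constructed log lines.

```python
import re

# Constructed sample lines as (program, message); not taken from the original post.
SAMPLES = [
    ("ovpn-server", "203.0.113.7:51820 Peer Connection Initiated with [AF_INET]203.0.113.7:51820"),
    ("sshd", "Accepted publickey for pi from 192.168.0.186 port 5534 ssh2"),
    ("sshd", "Failed password for invalid user admin from 198.51.100.9 port 40022 ssh2"),
    ("sshd", "Received disconnect from 198.51.100.9 port 40022:11: Bye Bye"),
    ("cron", "Failed password reminder job finished"),
]

# Login patterns from the f_sshd and f_login_events filters.
F_SSHD = "sshd"
F_LOGIN_EVENTS = ("Accepted password|Accepted publickey|login successful|"
                  "failed to log in|Failed password")
# The OpenVPN pattern with its brackets unescaped and escaped.
UNESCAPED = "Peer Connection Initiated with [AF_INET]"
ESCAPED = r"Peer Connection Initiated with \[AF_INET\]"


def matches(pattern, value):
    """Unanchored regex search, standing in for a syslog-ng regex filter."""
    return re.search(pattern, value) is not None


def ssh_login_alerts(samples):
    """Emulate filter(f_sshd); filter(f_login_events): messages that reach the alert."""
    return [msg for prog, msg in samples
            if matches(F_SSHD, prog) and matches(F_LOGIN_EVENTS, msg)]


def openvpn_alerts(samples, pattern):
    """Emulate the OpenVPN connection filter with the given pattern."""
    return [msg for _, msg in samples if matches(pattern, msg)]


if __name__ == "__main__":
    print("ssh login alerts:", len(ssh_login_alerts(SAMPLES)))
    print("openvpn, unescaped:", len(openvpn_alerts(SAMPLES, UNESCAPED)))
    print("openvpn, escaped:", len(openvpn_alerts(SAMPLES, ESCAPED)))
```

With the brackets unescaped, the OpenVPN connection line never reaches the alert destination, while unrelated text such as "with NAT" would match; running candidate patterns over known-good lines before deploying catches an alert rule that silently never fires.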