Subject: syslog filling up with sysmon messages
To: None <netbsd-help@mail.netbsd.org>
From: Paul Newhouse <newhouse@rockhead.com>
List: netbsd-help
Date: 10/10/2000 22:27:18
Platform i386
I'm running:
NetBSD bigbox 1.4ZD NetBSD 1.4ZD (BIGBOX) #3: Thu Jun 22 17:34:38 PDT 2000 \
newhouse@pimin:/usr/s
rc/sys/arch/i386/compile/BIGBOX i386
recently I started getting my syslog filled up with:
Oct 10 22:10:30 bigbox ipmon[121]: 22:10:30.514814 tlp1 @0:12 p \
<work>.com,789 -> rockhead.com,22 PR tcp len 20 27648 -AP IN
It's a short packet and I have an IPF rule that says log them.
The link is a pppd, tunneled through ssh, VPN to a Solaris 2.7 machine running
McKerras (sp?) pppd and ssh. I didn't use to see these before and now the link
seems really mmm ... jumpy, whereas it was pretty smooth before. I'm pretty
sure I haven't changed anything on either system in quite awhile.
I run a cron job that checks the links and finds entries in /var/log/messages
to generate a report on how stable the conenction has been. The one that ran
this morning looked normal (found some records). This evening:
: ls -l /var/log/message*
-rw-r--r-- 1 root wheel 3482116 Oct 10 22:24 /var/log/messages
-rw-r--r-- 1 root wheel 322671 Oct 10 22:00 /var/log/messages.0.gz
-rw-r--r-- 1 root wheel 404089 Oct 10 21:00 /var/log/messages.1.gz
-rw-r--r-- 1 root wheel 349720 Oct 10 20:00 /var/log/messages.2.gz
-rw-r--r-- 1 root wheel 364324 Oct 10 19:00 /var/log/messages.3.gz
-rw-r--r-- 1 root wheel 272754 Oct 10 18:00 /var/log/messages.4.gz
-rw-r--r-- 1 root wheel 329380 Oct 10 17:00 /var/log/messages.5.gz
I have another VPN running to a friends machine and it seems stable and it's
over the same IDSL line. Pretty weird man!!
Any clues as to what's going on would be appreciated.
TIA,
Paul
piminx@home.com
newhouse@rockhead.com