DFL-210 - Syslog event logging
Since I run my Media Center PC 24x7, I decided it would be a good idea to capture log messages from the DFL-210 firewall, my 2 Linksys access points and the SunRocket Innomedia VOIP gateway. I found the Kiwi Syslog Daemon to fit my needs since it worked with all my devices and they provide a freeware version. The Kiwi Syslog Daemon can be run as a service so you do not need to be logged on. You should also download the Kiwi Log Viewer to view the entire log file, the Syslog Daemon will only display the last 100 entries or so.
The key differences that I can between the paid and the freeware version is the ability to filter , better reports and DNS resolution of logged IP addresses. You can request a 30 day trial of the paid version. I may try it once I know my way around the software.
The DFL-210 is configured by adding a Log and Event Receiver under System.
- add a Syslog receiver
- Name = choose a name
- IP address = the IP address of the computer the Kiwi Syslog Daemon is running on
- Facility = a descriptor that will show up in your logs to identify the sender (I used local0)
- Port = 514 (standard syslog receiver port)
- In the Kiwi Syslog Daemon setup enable Inputs/UDP and if you have Linksys equipment enable Inputs/SNMP.
- On Windows XP control panel/firewall/Exceptions Add Port Name=Syslog Port=514
When you set up new items or rules on the DFL-210 you can manually set the logging options.
Next I need to look at filtering and reporting to see if the paid version might be useful for my use.
Thanks for posting. I am about to get a DFL -210 myself but I am concerned that it will be too complex (even though I have set up a lot of routers). I found your posts interesting!
Posted by: Gerald | October 10, 2006 at 09:19 PM
As long as you make regular backups of the config, you can back out changes and you should be fine. The theory and examples in the documentation also helped.
Posted by: Stephen Skarlatos | October 13, 2006 at 08:07 AM
I just got a DFL-210 and I am very confused with the setup as I can't get it to work with my T1. If you have any other info on basic or advanced setup it would be very helpful. I will be setting up a vpn also after I get the internet working. Thanks!
Posted by: Ken Johns | October 30, 2006 at 10:34 PM
Did you try my quick config I posted here: http://www.mydigitallife.us/2006/09/dfl210_quick_co.html. The key to getting the router to talk to the outside world in making sure that the WAN interface is showing the correct address and DNS. What does your WAN interface status show?
Getting the VPN up and running is on my list. Hopefully I will have time in early November.
Posted by: Stephen Skarlatos | October 31, 2006 at 01:07 PM