Netgear RP114 and Syslog
Tigre64
11-04-2002, 02:05 PM
I'm having trouble setting the Syslog and Syslogd up for the Netgear. I have followed several instructions and used several different settings, and I have set filters to log match and unmatch,
but whatever I do nothing seems to trigger.
Has anyone got any suggestions?
Oh, and the Syslogd I've been using is Kiwi.
I have got a firewall, but it's not that, as the IP address of the router is trusted, and I've also tried it with the firewall turned off.
Any help gratefully received,
cheers.
LinkSys101
11-05-2002, 12:18 AM
:D Try to visit this website, I bet they have a knowledge base regarding this matter.
www.netgear.com
For some workarounds try this one
www.dslreports.com
For advanced research
www.google.com
Tigre64
11-05-2002, 09:32 AM
Thanks,
I've tried both of them already.
The Netgear site is very limited,
and I got nothing that I didn't know already from the DSL site.
Cheers
Ground0
02-03-2003, 02:17 PM
Make sure that the syslog server is running and ready to accept logging messages. In many Unix implementations, you will need to add a switch to the startup command line to allow messages to be accepted from systems/devices other than the server on which syslog is running. In FreeBSD, this is done using the "-a allowed-peer" switch to syslogd.
Telnet to the router, and using menu 24.3.2, enable syslog logging:
Menu 24.3.2 - System Maintenance - UNIX Syslog
Syslog:
Active= Yes
Syslog IP Address= 192.168.x.x
Log Facility= Local 5
Types:
CDR= No
Packet triggered= Yes
Filter log= Yes
PPP log= No
Active must be set to Yes, the IP address where the syslog server is running must be entered, and the type of activity to be logged must be entered. This is normally Filter log, for firewall events.
Log facility can be used to select between different logfiles, where the logger supports this.
The individual firewall rules to be logged must be selected. Telnet to the router, and go to menu 21. Select a rule set, then a firewall rule, eg rule 21.3.3 which in the default setup blocks external access to the web management console.
Menu 21.3.3 - TCP/IP Filter Rule
Filter #: 3,3
Filter Type= TCP/IP Filter Rule
Active= Yes
IP Protocol= 6 IP Source Route= No
Destination: IP Addr= 0.0.0.0
IP Mask= 0.0.0.0
Port #= 80
Port # Comp= Equal
Source: IP Addr= 0.0.0.0
IP Mask= 0.0.0.0
Port #=
Port # Comp= None
TCP Estab= No
More= No Log= Action Matched
Action Matched= Drop
Action Not Matched= Check Next Rule
Press ENTER to Confirm or ESC to Cancel:
Use <TAB> to move through the menu to the Log field and <SPACE> to toggle the contents of this field. In the example, this has been set to Action Matched which means that any attempts to connect to this port will be logged.
Understanding Syslog Entries
A typical syslog entry might be:
Feb 03 00:06:04 rp114 rp114: IP[Src=11.22.33.44 Dst=192.168.0.2 TCP spo=04479 dpo=00080]}S03>R03mD
This decodes as follows:
Local date and time
Hostname of router
Protocol IP
Source IP address 11.22.33.44
Destination IP address (after SUA mapping) 192.168.0.2
Protocol TCP
Source Port 4479
Destination Port 80
S03 = Ruleset 3
R03 = Rule 3 within that ruleset
m = matched (would be n for not matched)
D = Drop (otherwise F = Forward, or N for Check next Rule)
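The decode above, written as a small parser for triaging the collected log. This is an added example, not part of the original post: the regular expression is derived only from the one sample entry and field list in the post, the function names are hypothetical, and all sample lines except the first are constructed.

```python
import re
from collections import Counter

# Field layout taken from the sample entry and decode list in the post above.
ENTRY_RE = re.compile(
    r"^(?P<time>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) \S+: "
    r"IP\[Src=(?P<src>[\d.]+) Dst=(?P<dst>[\d.]+) (?P<proto>\w+) "
    r"spo=(?P<spo>\d+) dpo=(?P<dpo>\d+)\]\}"
    r"S(?P<ruleset>\d+)>R(?P<rule>\d+)(?P<matched>[mn])(?P<action>[DFN])$"
)
ACTIONS = {"D": "drop", "F": "forward", "N": "check next rule"}

def parse_entry(line):
    """Return the decoded fields of one filter-log line, or None if it does not fit."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    f = m.groupdict()
    return {
        "time": f["time"], "host": f["host"],
        "src": f["src"], "dst": f["dst"], "proto": f["proto"],
        "sport": int(f["spo"]), "dport": int(f["dpo"]),  # zero-padded decimals
        "ruleset": int(f["ruleset"]), "rule": int(f["rule"]),
        "matched": f["matched"] == "m",
        "action": ACTIONS[f["action"]],
    }

def dropped_by_source(lines):
    """Count matched-and-dropped packets per (source IP, destination port)."""
    counts = Counter()
    for line in lines:
        e = parse_entry(line)
        if e and e["matched"] and e["action"] == "drop":
            counts[(e["src"], e["dport"])] += 1
    return counts

# First line is the entry quoted in the post; the rest are constructed samples.
SAMPLE = [
    "Feb 03 00:06:04 rp114 rp114: IP[Src=11.22.33.44 Dst=192.168.0.2 TCP spo=04479 dpo=00080]}S03>R03mD",
    "Feb 03 00:06:09 rp114 rp114: IP[Src=11.22.33.44 Dst=192.168.0.2 TCP spo=04480 dpo=00080]}S03>R03mD",
    "Feb 03 00:07:12 rp114 rp114: IP[Src=203.0.113.9 Dst=192.168.0.2 TCP spo=01025 dpo=00025]}S03>R03nN",
    "Feb 03 00:07:30 rp114 syslogd: restart",
]

if __name__ == "__main__":
    for (src, port), n in dropped_by_source(SAMPLE).most_common():
        print(f"{src} -> port {port}: {n} dropped")
```

Lines that do not fit the quoted layout return None rather than raising, so the parser can be run over a mixed syslog file.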