1 服务起停
比如 service rsyslog restart
查看服务是否运行
[root@host ~]# service rsyslog status
rsyslogd (pid 30843) is running...
2 根据进程名查看端口占用情况
[root@host ~]# netstat -nap | grep syslog
tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 30843/rsyslogd
tcp 0 0 :::514 :::* LISTEN 30843/rsyslogd
udp 0 0 0.0.0.0:514 0.0.0.0:* 30843/rsyslogd
udp 0 0 :::514 :::* 30843/rsyslogd
unix 3 [ ] DGRAM 637901 30843/rsyslogd /dev/log
unix 2 [ ] DGRAM 637911 30843/rsyslogd
3 使用yum对rsyslog进行升级
# cd /etc/yum.repos.d
# wget http://rpms.adiscon.com/v8-stable/rsyslog.repo
# yum update rsyslog
4 验证包是否安装了
[root@host ~]# rpm -qa | grep rsyslog
rsyslog-8.29.0-1.el6.x86_64
5 配置防火墙规则
iptables -A INPUT -m state --state NEW -m udp -p udp -i eth0 --dport 514 -j ACCEPT
iptables -A INPUT -m state --state NEW -m tcp -p tcp -i eth0 --dport 514 -j ACCEPT
6 查看服务网络联通情况
[root@host ~]# tcpdump port 514
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:02:09.946198 IP reverse.gdsz.cncnet.net.fiorano-rtrsvc > 138.128.192.190.16clouds.com.shell: Flags [S], seq 381626941, win 65535, options [mss 1380,nop,wscale 1,nop,nop,sackOK], length 0
00:02:09.946572 IP 138.128.192.190.16clouds.com.shell > reverse.gdsz.cncnet.net.fiorano-rtrsvc: Flags [S.], seq 1926436450, ack 381626942, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0
00:02:10.151413 IP reverse.gdsz.cncnet.net.fiorano-rtrsvc > 138.128.192.190.16clouds.com.shell: Flags [.], ack 1, win 64970, length 0
7