I have just upgraded to the latest stock firmware and also decided to configure it to send syslog entries to my main server for analysis. This is proving more awkward than expected because the format of some of the parts of a message entry contain strange 3 character prefixes of form "<n>" (n=1 or 4), e.g.
Mar 11 22:50:44 router kernel: DROP <4>DROP IN=ppp0 OUT= MAC= <1>SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx <1>LEN=40 TOS=0x00 PREC=0x80 TTL=41 ID=0 DF PROTO=TCP <1>SPT=12206 DPT=9797 SEQ=209659761 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0
Any idea why these characters are appearing, and is there a simple way to stop it without having to resort to add a pre-processing step to the analysis application? (If the answer is to install Merlin's firmware build instead, that's fine, unless of course it has the same problem!!?).
Mar 11 22:50:44 router kernel: DROP <4>DROP IN=ppp0 OUT= MAC= <1>SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx <1>LEN=40 TOS=0x00 PREC=0x80 TTL=41 ID=0 DF PROTO=TCP <1>SPT=12206 DPT=9797 SEQ=209659761 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0
Any idea why these characters are appearing, and is there a simple way to stop it without having to resort to add a pre-processing step to the analysis application? (If the answer is to install Merlin's firmware build instead, that's fine, unless of course it has the same problem!!?).
