Default Ports & Firewall¶
Default Ports¶
| Service | Protocol | Port | Description |
|---|---|---|---|
| Syslog (UDP) | UDP | 514 | Standard syslog receiver |
| Syslog (TLS) | TCP | 6514 | Encrypted syslog receiver |
| Web Dashboard | TCP | 5000 | HTTP/HTTPS web interface |
All ports are configurable from Settings → Server.
Automatic Firewall Rules¶
The installer creates two Windows Firewall rules automatically:
| Rule Name | Protocol | Port |
|---|---|---|
| LuceDev Syslog - UDP | UDP | 514 |
| LuceDev Syslog - Web Dashboard | TCP | 5000 |
The installer adds the following UFW rules automatically:
| Protocol | Port | Description |
|---|---|---|
| UDP | 514 | Syslog receiver |
| TCP | 6514 | TLS syslog |
| TCP | 5000 | Web dashboard |
UFW Must Be Active
These rules are added regardless of whether UFW is enabled. If UFW is not active on your system, run sudo ufw enable to activate it.
Manual Firewall Rules¶
If you change any port from its default, you need to add firewall rules manually.
Add a rule¶
# Example: TLS syslog on port 6514
netsh advfirewall firewall add rule name="LuceDev Syslog - TLS" dir=in action=allow protocol=TCP localport=6514
# Example: Web dashboard on custom port 8443
netsh advfirewall firewall add rule name="LuceDev Syslog - Web Custom" dir=in action=allow protocol=TCP localport=8443
Remove a rule¶
List existing rules¶
Network Firewalls¶
If you have a network firewall (pfSense, Fortinet, Palo Alto, etc.) between your syslog sources and this server, ensure the following traffic is allowed:
| Source | Destination | Protocol | Port |
|---|---|---|---|
| Syslog devices | Syslog server | UDP | 514 |
| Syslog devices | Syslog server | TCP | 6514 (if TLS enabled) |
| Admin workstations | Syslog server | TCP | 5000 (dashboard) |
Port Change Reminder
The Server tab's restart confirmation dialog will warn you if any ports are set to non-default values, reminding you to update firewall rules.