hey!
i did that yesterday :), *after* my post to the list.... :\ , should
have done it before.
the AcceptRemote flag gets set only if the -r option gets passed...
i still see no reason why it should bind() to the port... have you got
any idea why this
like it is???
any way, i dont have much time atm, maybe ill have a peek later or at
the weekend....
thank you for your investigations :)
kind regards
-morla
Luis Mondesi wrote:
On Jan 31, 2008 6:18 AM, morla <[EMAIL PROTECTED]> wrote:
hi again....
even if there wanst much of a response, im back to report what i found....
maybe this will help anyone else who has a spelling problem and searches
on the interwebs for an explanation. :P
if you configure syslogd to log to a remote syslogserver, it will bind
to port 514/UDP, even if it doesn't get the -r option passed.
i find this really confusing... why would syslogd need to listen on any
interface just to send data to a remote server???
makes no sense for me at all...
if anybody has an idea or knows why syslogd behaves like that, it would
be very interesting to hear about it on the list... (imo).
"use the [source] luke"
$> apt-get source sysklogd
syslogd.c:
210: The default behavior has changed for security reasons. The
syslogd will not receive any remote message unless you turn reception
on with the "-r" option.
...
2431: if (Forwarding || AcceptRemote) { ... create_inet_socket()...
What I understand from this is:
The socket is created and ready for sending messages to a remote
syslog server, but without -r it will not receive any messages.
Correct me if I'm wrong.
Regards,
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
